Online Flight Booking System 1.0 Cross Site Request Forgery

============================================================================================================================================================================= | Title : Online Flight Booking System 1.0 CSRF Add Admin vulnerability | | Author : indoushka | | Tested on : windows 10...

CVE-2024-9083

A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file /Admin/add-admin.php. The manipulation of the argument txtfullname leads to cross site scripting. It is possible to initiate the attack remotely. The...

PT-2024-39417 · Sourcecodester · Sourcecodester Employee Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Management System version 1.0 Description: A problematic vulnerability has been found in the SourceCodester Employee Management System. This issue affects an unknown part of the file /Admin/add-admin.php. The...

File Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : File Management System 1.0 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0...

WordPress Add Admin CSS plugin <= 2.0.1 - Unauthenticated Full Path Dislcosure vulnerability

Unauthenticated Full Path Dislcosure vulnerability discovered by stealthcopter in WordPress Plugin Add Admin CSS versions = 2.0.1...

WordPress Add Admin JavaScript plugin <= 2.0 - Unauthenticated Full Path Dislcosure vulnerability

Unauthenticated Full Path Dislcosure vulnerability discovered by stealthcopter in WordPress Plugin Add Admin JavaScript versions = 2.0...

WordPress Add Admin CSS Plugin <= 2.0.1 is vulnerable to Sensitive Data Exposure

Software Add Admin CSS Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6547 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 61a3002a46fe Credits stealthcopter Required privile...

WordPress Add Admin JavaScript Plugin <= 2.0 is vulnerable to Sensitive Data Exposure

Software Add Admin JavaScript Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6548 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9dd89390081b Credits stealthcopter Required...

CVE-2024-6547

The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of t...

CVE-2024-6548

The Add Admin JavaScript plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path...

CVE-2024-6548

CVE-2024-6548 affects the WordPress plugin Add Admin JavaScript (versions

CVE-2024-6547 Add Admin CSS <= 2.0.1 - Unauthenticated Full Path Dislcosure

The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of t...

CVE-2024-6547 Add Admin CSS <= 2.0.1 - Unauthenticated Full Path Dislcosure

The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of t...

PT-2024-37705 · WordPress · Add Admin Javascript

Name of the Vulnerable Software and Affected Versions: Add Admin JavaScript plugin for WordPress versions up to and including 2.0 Description: The issue allows unauthenticated attackers to retrieve the full path of the web application, which can aid other attacks. However, the information display...

WordPress plugin Add Admin CSS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-37704 · WordPress · Add Admin Css

Name of the Vulnerable Software and Affected Versions: Add Admin CSS plugin for WordPress versions up to, and including, 2.0.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin uses bootstrap and leaves test files with display errors on. This allows...

WordPress plugin Add Admin JavaScript 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2024-3253

A vulnerability classified as critical was found in SourceCodester Internship Portal Management System 1.0. This vulnerability affects unknown code of the file admin/addadmin.php. The manipulation of the argument name/username/password leads to sql injection. The attack can be initiated remotely...

CVE-2024-2394

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/add-admin.php. The manipulation of the argument avatar leads to unrestricted upload. The attack may be launched...

SourceCodester Employee Management System Code Issue Vulnerability

SourceCodester Employee Management System is a php-based website builder for employee performance management from SourceCodester. A code issue exists in SourceCodester Employee Management System version 1.0 where the parameter avatar in the file /Admin/add-admin.php causes unrestricted uploads...