14 matches found
CVE-2023-1363
A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the...
CVE-2023-1363
A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the...
Cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the...
CVE-2023-1363 SourceCodester Computer Parts Sales and Inventory System Add User Account cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the...
PT-2023-16930 · Sourcecodester · Sourcecodester Computer Parts Sales/Inventory System
Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Parts Sales and Inventory System version 1.0 Description: A problematic issue was found in the Add User Account component, where the manipulation of the username argument leads to cross-site scripting. This issue can b...
Computer Parts Sales and Inventory System 跨站脚本漏洞
Computer Parts Sales and Inventory System is a computer parts sales and inventory system by Warren Daloyan, an individual developer. A cross-site scripting vulnerability exists in SourceCodester Computer Parts Sales and Inventory System version 1.0, which stems from an unknown function present in...
CVE-2020-13156
modules\users\admin\adduser.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=useradd URI...
CVE-2019-17676
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI...
CVE-2018-18449
EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339...
WUZHI CMS 4.1.0 - Add User Account Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add user account Exploit Author: taoge Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE : CVE-2018-9927 An issue was...
Wuzhi CMS 4.1.0 Add User Cross Site Request Forgery
Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add user account Date: 2018-04-10 Exploit Author: taoge Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE : CVE-2018-9927 An issue was discovered in WUZHI CMS...
NetGain EM 7.2.647 build 941 - Authentication Bypass / Local File Inclusion
''' Exploit Title: Add User Account with Admin Privilege without Login & Local File Inclusion Date: 2017-05-21 Exploit Author: f3ci Vendor Homepage: http://www.netgain-systems.com Software Link: http://www.netgain-systems.com/free-edition-download/ Version: = v7.2.647 build 941 Tested on: Windows...
SyndeoCMS Cross-Site Request Forgery Vulnerability
SyndeoCMS is a content management system for elementary schools. A cross-site request forgery vulnerability exists in SyndeoCMS 3.0 and prior versions that allows remote attackers to hijack the authentication of an administrator's request to add a user account, saveuser...
CVE-2009-4139 Spacewalk-java: spacewalk: red hat network satellite: spacewalk java: privilege escalation via cross-site request forgery
A flaw was found in Spacewalk Java site packages. This cross-site request forgery CSRF vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileg...