CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

158 matches found

Positive Technologies•added 2023/11/02 12:0 a.m.•1 views

PT-2023-29506 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the contact parameter of the "routers/add-users.php" resource does not validate the characters...

7.7AI score

Exploits0References6

Positive Technologies•added 2023/11/02 12:0 a.m.•2 views

PT-2023-29507 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the deleted parameter of the "routers/add-users.php" resource does not validate the characters...

8.1AI score

Exploits0References5

Positive Technologies•added 2023/11/02 12:0 a.m.•2 views

PT-2023-29501 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the email parameter of the "routers/add-users.php" resource does not validate the characters receive...

8.1AI score

Exploits0References5

OSV•added 2023/10/12 4:15 p.m.•2 views

CVE-2023-43147

PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery CSRF to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI...

8.8CVSS5.8AI score0.00486EPSS

Exploits1References1

ATTACKERKB•added 2023/10/12 4:15 p.m.•3 views

CVE-2023-43147

8.8CVSS7.2AI score0.00487EPSS

Exploits2References3

NVD•added 2023/10/12 4:15 p.m.•12 views

CVE-2023-43147

8.8CVSS8.8AI score0.00486EPSS

Exploits1References1

Prion•added 2023/10/12 4:15 p.m.•21 views

Cross site request forgery (csrf)

6.8CVSS8.8AI score0.00486EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2023/10/12 12:0 a.m.•13 views

CVE-2023-43147

7AI score0.00486EPSS

Exploits1References1

Cvelist•added 2023/10/12 12:0 a.m.•16 views

CVE-2023-43147

9AI score0.00486EPSS

Exploits1References1

Positive Technologies•added 2023/10/12 12:0 a.m.•5 views

PT-2023-28717 · Phpjabbers · Phpjabbers Limo Booking

Name of the Vulnerable Software and Affected Versions: PHPJabbers Limo Booking Software version 1.0 Description: The issue allows for Cross Site Request Forgery CSRF to add an admin user via the Add Users Function. This can be achieved through the...

8.8CVSS8.8AI score0.00486EPSS

Exploits1References4

SUSE CVE•added 2023/02/15 5:29 a.m.•3 views

SUSE CVE-2014-2327

Cross-site request forgery CSRF vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that 1 modify binary files, 2 modify configurations, or 3 add arbitrary users...

6.8CVSS9.1AI score0.02278EPSS

Exploits1References3

Huntr•added 2022/12/28 6:35 p.m.•19 views

Cross-Site Request Forgery (CSRF) in Add Users

Description Hello Team, Create a member functionality is vulnerable for CSRF Attack , by exploiting CSRF vulnerability , attacker can add new Members history.pushState'', '', '/' POC video: https://drive.google.com/file/d/1dN2ug8qjwbz1CGbfuBldwamIFE4BNyH/view?usp=sharing Fix: I just want to sugge...

4.3CVSS0.6AI score0.00256EPSS

Exploits1

OSV•added 2022/08/26 1:15 p.m.•13 views

CVE-2021-39394

mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add user accounts and modify user information...

6.5CVSS7.4AI score

Exploits0References1

OpenVAS•added 2022/06/16 12:0 a.m.•27 views

Webmin <= 1.994 Multiple Vulnerabilities

Webmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:webmin:webmin"; ifdescription...

9.6CVSS7.5AI score0.04086EPSS

Exploits8References6

OSV•added 2022/04/11 6:15 a.m.•20 views

CVE-2021-32160

A Cross-Site Scripting XSS vulnerability exists in Webmin 1.973 through the Add Users feature...

6.1CVSS5.8AI score0.01964EPSS

Exploits1References1

NVD•added 2022/04/11 6:15 a.m.•10 views

CVE-2021-32160

A Cross-Site Scripting XSS vulnerability exists in Webmin 1.973 through the Add Users feature...

6.1CVSS0.01964EPSS

Exploits1References1

UbuntuCve•added 2022/04/11 6:15 a.m.•45 views

CVE-2021-32160

A Cross-Site Scripting XSS vulnerability exists in Webmin 1.973 through the Add Users feature...

6.1CVSS6.3AI score0.01964EPSS

Exploits1References2

Prion•added 2022/04/11 6:15 a.m.•22 views

Cross site scripting

A Cross-Site Scripting XSS vulnerability exists in Webmin 1.973 through the Add Users feature...

4.3CVSS5.9AI score0.01964EPSS

Exploits1References1Affected Software1

CVE•added 2022/04/11 5:43 a.m.•74 views

CVE-2021-32160

Webmin 1.973 (Add Users feature) has a cross-site scripting (XSS) vulnerability. The issue arises from insufficient filtering/escaping of user-supplied input in the Add Users flow, allowing injected JavaScript to be executed in the client browser. Affected product: Webmin 1.973 (per CVE-2021-3216...

6.1CVSS5.9AI score0.01964EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/04/11 5:43 a.m.•14 views

CVE-2021-32160

A Cross-Site Scripting XSS vulnerability exists in Webmin 1.973 through the Add Users feature...

6.2AI score0.01964EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by