12 matches found
CVE-2026-5643
A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...
EUVD-2026-19215
A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...
CVE-2026-5643
A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...
CVE-2026-5643
The CVE-2026-5643 entry concerns Cyber-III Student-Management-System (up to build 1a938fa61e9f735078e9b291d2e6215b4942af3f) where an attacker can manipulate the argument $_SERVER['PHP_SELF'] in /admin/Add notice/notice.php (Admin Add Endpoint) to trigger cross-site scripting. The vulnerability is...
CVE-2026-5643 Cyber-III Student-Management-System Admin Add Endpoint notice.php cross site scripting
A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...
CVE-2026-5643 Cyber-III Student-Management-System Admin Add Endpoint notice.php cross site scripting
A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...
PT-2026-30593
A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $ SERVER'PHP SELF' leads to cros...
CVE-2025-41038
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataGroupname' parameter in /apprain/admin/managegroup/add/...
XXL-JOB Cross-Site Request Forgery Vulnerability
XXL-JOB is a distributed task scheduling platform based on java language from XU Xueli XXL-JOB community. A security vulnerability exists in XXL-JOB version 2.2.0, which originates from a cross-site request forgery CSRF vulnerability in xxl-job-admin/user/add. The vulnerability can be exploited b...
CVE-2022-23384
YzmCMS v6.3 is affected by Cross Site Request Forgery CSRF in /admin.add...
UWA Cross-Site Request Forgery Vulnerability
UWA is a universal content management system CMS. A cross-site request forgery vulnerability exists in the index.php?g=admin&c=admin&a=addadmindo URL in UWA version 2.3.11. A remote attacker can exploit this vulnerability to perform unauthorized operations...
CVE-2018-11018
An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery CSRF vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html...