CVE-2026-0851

A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is...

CVE-2026-0851

A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is...

CVE-2026-0851 code-projects Online Music Site AdminAddUser.php sql injection

A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is...

CVE-2026-0851

Code-projects Online Music Site 1.0 contains an SQL injection in /Administrator/PHP/AdminAddUser.php via the txtusername parameter. The vulnerability allows remote exploitation and is supported by a publicly available exploit. The issue is tied to an unknown function in AdminAddUser.php and is co...

CVE-2026-0851 code-projects Online Music Site AdminAddUser.php sql injection

A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is...

EUVD-2026-1959

A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is...

PT-2026-2041

Name of the Vulnerable Software and Affected Versions code-projects Online Music Site version 1.0 Description A flaw exists in code-projects Online Music Site 1.0 that allows for SQL injection. The issue is located in an unknown function within the /Administrator/PHP/AdminAddUser.php file...

CVE-2025-11485

CVE-2025-11485 affects SourceCodester Student Grades Management System 1.0, specifically the add_user function in /admin.php within the Manage Users Page. The vulnerability arises from manipulating the first_name/last_name parameters, enabling cross-site scripting (XSS). The issue can be exploite...

EUVD-2019-9451

Malware in sbrugna...

PT-2023-25627 · Unknown · Campcodes Retro Cellphone Online Store

Name of the Vulnerable Software and Affected Versions: Campcodes Retro Cellphone Online Store version 1.0 Description: A vulnerability was found in the software, classified as problematic, affecting some unknown functionality of the file /admin/add user modal.php. The manipulation of the un...

CVE-2022-27436

A cross-site scripting XSS vulnerability in /public/admin/index.php?adduser at Ecommerce-Website v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username text field...

CVE-2020-13156

modules\users\admin\adduser.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=useradd URI...

CVE-2020-10399

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-user.php by adding a question mark ? followed by the payload...

PT-2020-12069 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited in admin/add-user.php by adding a question mark ? followed ...

Cross site scripting

An issue was discovered in Serpico aka SimplE RePort wrIting and CollaboratiOn tool 1.3.0. admin/adduser/UID allows stored XSS via the author parameter...

Serpico Cross-Site Scripting Vulnerability (CNVD-2020-03851)

Serpico is a penetration test report generation and collaboration tool. A cross-site scripting vulnerability exists in admin/adduser/UID in Serpico version 1.3.0, which stems from the lack of proper validation of client-side data in a WEB application and can be exploited by an attacker to execute...

CVE-2018-14069

An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add...

Joomla! Realtyna RPL (com_rpl) component cross-site request forgery vulnerability

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other features.Realtyna RPL comrpl component is one of the real estate information component. A cross-site request forgery vulnerabili...