
35 matches found

OSV
added 2026/02/23 6:25 p.m. | 2 views

CVE-2026-26464

Stored Cross-Site Scripting XSS was found in the /admin/edituser.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the name parameter in a POST...

CVSS 6.1 | AI score 6.1
Exploits 0 | References 1

NVD
added 2026/02/23 6:25 p.m. | 2 views

CVE-2026-26464

Stored Cross-Site Scripting XSS was found in the /admin/edituser.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the name parameter in a POST...

CVSS 6.1 | EPSS 0.00248
Exploits 1 | References 1

Cvelist
added 2026/02/23 12:0 a.m. | 23 views

CVE-2026-26464

Stored Cross-Site Scripting XSS was found in the /admin/edituser.php page of Society Management System Portal V1.0, which allows remote attackers to inject and store arbitrary JavaScript code that is executed in users' browsers. This vulnerability can be exploited via the name parameter in a POST...

EPSS 0.00248
Exploits 1 | References 1

RedhatCVE
added 2025/10/31 10:7 p.m. | 13 views

CVE-2020-36858

Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...

CVSS 5.4 | AI score 6.3 | EPSS 0.00415
Exploits 0 | References 1

OSV
added 2025/10/30 10:15 p.m. | 3 views

CVE-2020-36858

Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...

CVSS 5.4 | AI score 5.9 | EPSS 0.00415
Exploits 0 | References 2

CVE
added 2025/10/30 9:26 p.m. | 14 views

CVE-2020-36858

Nagios Log Server is affected by a cross-site scripting (XSS) vulnerability in versions prior to 2.1.6, exposed via the web interface on Create User, Edit User, and Manage Host Lists pages. The root cause is insufficient validation/escaping of user-supplied input, allowing an attacker to inject a...

CVSS 5.4 | AI score 5.9 | EPSS 0.00415
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2025/10/30 9:26 p.m. | 4 views

CVE-2020-36858 Nagios Log Server < 2.1.6 XSS via Create User, Edit User, & Manage Host Lists Pages

Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...

CVSS 5.1 | EPSS 0.00415
Exploits 0 | References 2

CNNVD
added 2025/10/27 12:0 a.m. | 3 views

User-Management-PHP-MYSQL code issue vulnerability

User-Management-PHP-MYSQL is a secure user management system by Ajay Randhawa Personal Developer. A code issue vulnerability exists in User-Management-PHP-MYSQL that stems from incorrect manipulation of the parameter image in the file /admin/edit-user.php, which could lead to arbitrary file uploa...

CVSS 7.2 | AI score 5.1 | EPSS 0.00469
Exploits 1 | References 4

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-13404

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 3.9 | EPSS 0.0025
Exploits 1 | References 5

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-27153

Malicious code in bioql PyPI...

CVSS 4.8 | AI score 4 | EPSS 0.00272
Exploits 1 | References 6

NVD
added 2025/09/22 7:15 p.m. | 2 views

CVE-2025-10810

A vulnerability was detected in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/edituser.php. Performing manipulation of the argument firstname results in sql injection. The attack is possible to be carried out remotely. The exploit ...

CVSS 9.8 | EPSS 0.00629
Exploits 1 | References 5

RedhatCVE
added 2025/09/16 8:22 p.m. | 2 views

CVE-2025-10408

A security flaw has been discovered in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /edituser.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been release...

CVSS 8.8 | AI score 7.2 | EPSS 0.00309
Exploits 1 | References 1

RedhatCVE
added 2025/05/22 11:23 p.m. | 3 views

CVE-2022-38595

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edituser.php...

CVSS 7.2 | AI score 7.1 | EPSS 0.00726
Exploits 1 | References 1

RedhatCVE
added 2025/05/07 11:16 p.m. | 17 views

CVE-2025-4292

A vulnerability has been found in MRCMS 3.1.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/user/edit.do of the component Edit User Page. The manipulation of the argument Username leads to cross site scripting. The attack can be...

CVSS 5.4 | AI score 6.2 | EPSS 0.0025
Exploits 1 | References 1

Cvelist
added 2025/05/05 10:31 p.m. | 22 views

CVE-2025-4292 MRCMS Edit User Page edit.do cross site scripting

A vulnerability has been found in MRCMS 3.1.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/user/edit.do of the component Edit User Page. The manipulation of the argument Username leads to cross site scripting. The attack can be...

CVSS 4.8 | EPSS 0.0025
Exploits 1 | References 4

Vulnrichment
added 2025/05/05 10:31 p.m. | 10 views

CVE-2025-4292 MRCMS Edit User Page edit.do cross site scripting

A vulnerability has been found in MRCMS 3.1.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/user/edit.do of the component Edit User Page. The manipulation of the argument Username leads to cross site scripting. The attack can be...

CVSS 4.8 | AI score 6.2 | EPSS 0.0025
Exploits 1 | References 4

CVE
added 2025/05/05 10:31 p.m. | 57 views

CVE-2025-4292

CVE-2025-4292 affects MRCMS 3.1.3. The vulnerability lies in the Edit User Page component: manipulating the Username parameter in /admin/user/edit.do enables cross-site scripting. The issue can be exploited remotely and exploits have been publicly disclosed. Several sources (NVD, Red Hat, OSV, et...

CVSS 5.4 | AI score 3.5 | EPSS 0.0025
Exploits 1 | References 4 | Affected Software 1

OSV
added 2024/09/16 8:15 p.m. | 3 views

CVE-2024-42798

An Incorrect Access Control vulnerability was found in /music/index.php?page=userlist and /music/index.php?page=edituser in Kashipara Music Management System v1.0. This allows a low privileged attacker to take over the administrator account...

CVSS 7.6 | AI score 5.8 | EPSS 0.00355
Exploits 1 | References 2

OSV
added 2024/09/16 8:15 p.m. | 4 views

CVE-2024-42795

An Incorrect Access Control vulnerability was found in /music/viewuser.php?id=3 and /music/controller.php?page=edituser&id=3 in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to view valid user details...

CVSS 4.2 | AI score 5.8 | EPSS 0.00221
Exploits 1 | References 2

CNNVD
added 2024/05/14 12:0 a.m. | 1 view

College Management System SQL injection vulnerability

College Management System is a simple project organized by Code Projects. It is used to keep track of students, teachers, subjects, schedules and all things related to the university. College Management System version 1.0 has a SQL injection vulnerability that stems from an SQL injection...

CVSS 8.8 | AI score 7.1 | EPSS 0.00819
Exploits 1 | References 6