9 matches found
CVE-2026-2179
A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be...
PT-2026-7011
A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be...
CVE-2020-36866
Nagios XI versions prior to 5.7.3 are vulnerable to cross-site scripting XSS via the Manage Users page of the Admin interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36866 Nagios XI < 5.7.3 XSS via Manage Users in Admin Interface
Nagios XI versions prior to 5.7.3 are vulnerable to cross-site scripting XSS via the Manage Users page of the Admin interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36866
Nagios XI pre-5.7.3 is affected by a cross-site scripting (XSS) vulnerability on the Manage Users page in the Admin interface due to insufficient input validation/escaping. Impact: attacker can inject and execute script in a victim’s browser. Remediation: upgrade to 5.7.3 or later (sources refer ...
CVE-2025-12282
A vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used...
CVE-2025-12282 code-projects Client Details System manage-users.php cross site scripting
A vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used...
PT-2025-41290
Name of the Vulnerable Software and Affected Versions SourceCodester Student Grades Management System version 1.0 Description A security issue exists in SourceCodester Student Grades Management System. The add user function within the /admin.php file, specifically in the Manage Users Page...
Eventum Cross-Site Request Forgery Vulnerability
Eventum is a defect tracking system. The system is used to track inbound technical support, organizational tasks, bugs, etc. A cross-site request forgery vulnerability exists in the htdocs/manage/users.php file in Eventum version 3.5.0, which stems from a WEB application that does not adequately...