Lucene search
K

9 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/08 7:32 p.m.6 views

CVE-2026-2179

A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be...

5.8CVSS5.2AI score0.00308EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.5 views

PT-2026-7011

A vulnerability was determined in PHPGurukul Hospital Management System 4.0. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be...

5.8CVSS5.5AI score0.00308EPSS
Exploits1References7
OSV
OSV
added 2025/10/30 10:15 p.m.3 views

CVE-2020-36866

Nagios XI versions prior to 5.7.3 are vulnerable to cross-site scripting XSS via the Manage Users page of the Admin interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.4CVSS5.9AI score0.00383EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/30 9:53 p.m.3 views

CVE-2020-36866 Nagios XI < 5.7.3 XSS via Manage Users in Admin Interface

Nagios XI versions prior to 5.7.3 are vulnerable to cross-site scripting XSS via the Manage Users page of the Admin interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.1CVSS5.8AI score0.00383EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 9:53 p.m.18 views

CVE-2020-36866

Nagios XI pre-5.7.3 is affected by a cross-site scripting (XSS) vulnerability on the Manage Users page in the Admin interface due to insufficient input validation/escaping. Impact: attacker can inject and execute script in a victim’s browser. Remediation: upgrade to 5.7.3 or later (sources refer ...

5.4CVSS5.8AI score0.00383EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/28 1:49 p.m.15 views

CVE-2025-12282

A vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used...

4.8CVSS5.4AI score0.00262EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/10/27 1:32 p.m.10 views

CVE-2025-12282 code-projects Client Details System manage-users.php cross site scripting

A vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used...

4.8CVSS0.00262EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/10/08 12:0 a.m.6 views

PT-2025-41290

Name of the Vulnerable Software and Affected Versions SourceCodester Student Grades Management System version 1.0 Description A security issue exists in SourceCodester Student Grades Management System. The add user function within the /admin.php file, specifically in the Manage Users Page...

4.8CVSS3.4AI score0.00266EPSS
Exploits1References9
CNVD
CNVD
added 2019/07/12 12:0 a.m.2 views

Eventum Cross-Site Request Forgery Vulnerability

Eventum is a defect tracking system. The system is used to track inbound technical support, organizational tasks, bugs, etc. A cross-site request forgery vulnerability exists in the htdocs/manage/users.php file in Eventum version 3.5.0, which stems from a WEB application that does not adequately...

8.8CVSS6.9AI score0.00657EPSS
Exploits0References1
Rows per page
Query Builder