Lucene search
K

86 matches found

OSV
OSV
added 2023/05/26 4:15 p.m.3 views

CVE-2023-33440

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=saveuser...

7.2CVSS6.3AI score0.14507EPSS
Exploits4References2
Positive Technologies
Positive Technologies
added 2023/05/26 12:0 a.m.5 views

PT-2023-24344 · Unknown · Sourcecodester Faculty Evaluation System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Faculty Evaluation System version 1.0 Description: The issue allows for arbitrary code execution via the "/eval/ajax.php?action=save user" API endpoint. This could potentially lead to unauthorized access and control of the...

7.2CVSS7.5AI score0.14507EPSS
Exploits4References7
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.4 views

Faculty Evaluation System 安全漏洞

Faculty Evaluation System is a faculty evaluation system by the individual developer Carlo Montero. A security vulnerability exists in Sourcecodester Faculty Evaluation System v1.0, which originates from an attack that can execute arbitrary code via /eval/ajax.php?action=saveuser...

7.2CVSS7.5AI score0.14507EPSS
Exploits4References4
OSV
OSV
added 2023/05/12 10:15 a.m.2 views

CVE-2023-2678

A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /filemanager/admin/saveuser.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross si...

5.4CVSS3.8AI score0.00592EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/05/12 12:0 a.m.2 views

File Tracker Manager System 跨站脚本漏洞

File Tracker Manager System is a file tracker manager system. File Tracker Manager System v1.0 version of a cross-site scripting vulnerability, the vulnerability stems from the /filemanager/admin/saveuser.php parameter firstname of the user-supplied data lack of effective filtering and escaping, ...

5.4CVSS6.2AI score0.00592EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/05/12 12:0 a.m.3 views

PT-2023-20794 · Sourcecodester · Sourcecodester File Tracker Manager System

Name of the Vulnerable Software and Affected Versions: SourceCodester File Tracker Manager System version 1.0 Description: A vulnerability has been found in the SourceCodester File Tracker Manager System, affecting the file /file manager/admin/save user.php of the component POST Parameter Handler...

5.4CVSS4.2AI score0.00592EPSS
Exploits1References5
OSV
OSV
added 2023/03/17 8:15 a.m.5 views

CVE-2023-1460

A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=saveuser of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to...

9.8CVSS6.3AI score0.00971EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/17 12:0 a.m.12 views

PT-2023-16998 · Unknown · Sourcecodester Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A critical issue has been found in the Password Change Handler component, specifically affecting the file admin/ajax.php?action=save user. This leads to improper...

9.8CVSS6.9AI score0.00971EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/17 12:0 a.m.28 views

Online Pizza Ordering System 授权问题漏洞

Online Pizza Ordering System is an online pizza ordering system by Carlo Montero, an individual developer. An authorization issue vulnerability exists in version 1.0 of the SourceCodester Online Pizza Ordering System, which stems from a security issue in admin/ajax.php?action=saveuser in the...

9.8CVSS6.9AI score0.00971EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/17 12:0 a.m.4 views

PT-2023-17002 · Sourcecodester · Sourcecodester Medicine Tracker System

Name of the Vulnerable Software and Affected Versions: SourceCodester Medicine Tracker System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file Users.php?f=save user. The manipulation of the arguments firstname, middlename, lastname, username...

9.8CVSS7.4AI score0.00787EPSS
Exploits0References6
OSV
OSV
added 2023/02/23 4:15 p.m.2 views

CVE-2023-0988

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Pizza Ordering System 1.0. This issue affects some unknown processing of the file admin/ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. The attack may be initiated remotel...

8.8CVSS5.2AI score0.00465EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/02/23 12:0 a.m.3 views

PT-2023-16669 · Sourcecodester · Sourcecodester Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A problematic issue has been found in the processing of the file "admin/ajax.php?action=save user", leading to cross-site request forgery. The attack can be initiated...

8.8CVSS4.9AI score0.00465EPSS
Exploits1References5
OSV
OSV
added 2022/11/15 9:15 p.m.2 views

CVE-2022-43265

An arbitrary file upload vulnerability in the component /pages/saveuser.php of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

9.8CVSS6AI score0.00891EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/15 12:0 a.m.2 views

PT-2022-26819 · Unknown · Canteen Management System

Name of the Vulnerable Software and Affected Versions: Canteen Management System version 1.0 Description: The issue concerns an arbitrary file upload vulnerability in the /pages/save user.php component, allowing attackers to execute arbitrary code by uploading a crafted PHP file. Recommendations:...

9.8CVSS9.7AI score0.00891EPSS
Exploits0References3
OSV
OSV
added 2022/04/09 8:15 p.m.4 views

CVE-2022-1287

A vulnerability classified as critical was found in School Club Application System 1.0. This vulnerability affects a request to the file /scas/classes/Users.php?f=saveuser. The manipulation with a POST request leads to privilege escalation. The attack can be initiated remotely and does not requir...

9.8CVSS6.9AI score0.00707EPSS
Exploits0References1
OSV
OSV
added 2021/12/09 6:15 p.m.5 views

CVE-2020-19682

A Cross Site Request Forgery CSRF vulnerability exits in ZZZCMS V1.7.1 via the saveuser funciton in save.php...

8.8CVSS5.8AI score0.00526EPSS
Exploits1References1
OSV
OSV
added 2021/11/08 9:15 p.m.5 views

CVE-2021-40261

Multiple Cross Site Scripting XSS vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the 1 userusername and 2 category parameters in saveclass.php, the 3 firstname, 4 class, and 5 status parameters in studenttable.php, the 6 category and 7 classname parameters in...

6.1CVSS6.4AI score0.00641EPSS
Exploits1References1
OSV
OSV
added 2021/07/22 5:15 p.m.6 views

CVE-2021-26230

Cross-site scripting XSS vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to saveuser.php...

6.1CVSS6.5AI score0.00872EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/04/14 12:0 a.m.5 views

Solarwinds Orion Platform 安全漏洞

Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. An...

9.8CVSS5.6AI score0.03981EPSS
Exploits0References2
OSV
OSV
added 2021/03/05 2:15 a.m.5 views

CVE-2021-27963

SonLogger before 6.4.1 is affected by user creation with any user permissions profile e.g., SuperAdmin. An anonymous user can send a POST request to /User/saveUser without any authentication or session header...

8.2CVSS7.3AI score0.02446EPSS
Exploits2References2
Rows per page
Query Builder