86 matches found
CVE-2023-33440
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=saveuser...
PT-2023-24344 · Unknown · Sourcecodester Faculty Evaluation System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Faculty Evaluation System version 1.0 Description: The issue allows for arbitrary code execution via the "/eval/ajax.php?action=save user" API endpoint. This could potentially lead to unauthorized access and control of the...
Faculty Evaluation System 安全漏洞
Faculty Evaluation System is a faculty evaluation system by the individual developer Carlo Montero. A security vulnerability exists in Sourcecodester Faculty Evaluation System v1.0, which originates from an attack that can execute arbitrary code via /eval/ajax.php?action=saveuser...
CVE-2023-2678
A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /filemanager/admin/saveuser.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross si...
File Tracker Manager System 跨站脚本漏洞
File Tracker Manager System is a file tracker manager system. File Tracker Manager System v1.0 version of a cross-site scripting vulnerability, the vulnerability stems from the /filemanager/admin/saveuser.php parameter firstname of the user-supplied data lack of effective filtering and escaping, ...
PT-2023-20794 · Sourcecodester · Sourcecodester File Tracker Manager System
Name of the Vulnerable Software and Affected Versions: SourceCodester File Tracker Manager System version 1.0 Description: A vulnerability has been found in the SourceCodester File Tracker Manager System, affecting the file /file manager/admin/save user.php of the component POST Parameter Handler...
CVE-2023-1460
A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=saveuser of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to...
PT-2023-16998 · Unknown · Sourcecodester Online Pizza Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A critical issue has been found in the Password Change Handler component, specifically affecting the file admin/ajax.php?action=save user. This leads to improper...
Online Pizza Ordering System 授权问题漏洞
Online Pizza Ordering System is an online pizza ordering system by Carlo Montero, an individual developer. An authorization issue vulnerability exists in version 1.0 of the SourceCodester Online Pizza Ordering System, which stems from a security issue in admin/ajax.php?action=saveuser in the...
PT-2023-17002 · Sourcecodester · Sourcecodester Medicine Tracker System
Name of the Vulnerable Software and Affected Versions: SourceCodester Medicine Tracker System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file Users.php?f=save user. The manipulation of the arguments firstname, middlename, lastname, username...
CVE-2023-0988
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Pizza Ordering System 1.0. This issue affects some unknown processing of the file admin/ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. The attack may be initiated remotel...
PT-2023-16669 · Sourcecodester · Sourcecodester Online Pizza Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A problematic issue has been found in the processing of the file "admin/ajax.php?action=save user", leading to cross-site request forgery. The attack can be initiated...
CVE-2022-43265
An arbitrary file upload vulnerability in the component /pages/saveuser.php of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
PT-2022-26819 · Unknown · Canteen Management System
Name of the Vulnerable Software and Affected Versions: Canteen Management System version 1.0 Description: The issue concerns an arbitrary file upload vulnerability in the /pages/save user.php component, allowing attackers to execute arbitrary code by uploading a crafted PHP file. Recommendations:...
CVE-2022-1287
A vulnerability classified as critical was found in School Club Application System 1.0. This vulnerability affects a request to the file /scas/classes/Users.php?f=saveuser. The manipulation with a POST request leads to privilege escalation. The attack can be initiated remotely and does not requir...
CVE-2020-19682
A Cross Site Request Forgery CSRF vulnerability exits in ZZZCMS V1.7.1 via the saveuser funciton in save.php...
CVE-2021-40261
Multiple Cross Site Scripting XSS vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the 1 userusername and 2 category parameters in saveclass.php, the 3 firstname, 4 class, and 5 status parameters in studenttable.php, the 6 category and 7 classname parameters in...
CVE-2021-26230
Cross-site scripting XSS vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to saveuser.php...
Solarwinds Orion Platform 安全漏洞
Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. An...
CVE-2021-27963
SonLogger before 6.4.1 is affected by user creation with any user permissions profile e.g., SuperAdmin. An anonymous user can send a POST request to /User/saveUser without any authentication or session header...