1033 matches found
EUVD-2026-8618
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-3148
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-3148
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-3148
CVE-2026-3148 affects SourceCodester Simple and Nice Shopping Cart Script v1.0. A SQL injection vulnerability exists in an unknown function in /signup.php via manipulation of the Username argument, with remote exploitation and a publicly disclosed exploit. Multiple connected sources corroborate t...
CVE-2026-3148
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-3148 SourceCodester Simple and Nice Shopping Cart Script signup.php sql injection
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-3148 SourceCodester Simple and Nice Shopping Cart Script signup.php sql injection
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-25420
Missing Authorization vulnerability in MailerLite MailerLite official-mailerlite-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailerLite: from n/a through = 1.7.18...
PT-2026-20742
Missing Authorization vulnerability in MailerLite MailerLite official-mailerlite-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailerLite: from n/a through = 1.7.18...
CVE-2026-25956
Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a frappe site which could lead to an open redirect or reflected XSS, depending on the crafted payload when a user signs up. This vulnerability is fixed in 14.99.14 a...
Open Redirect
Overview frappe is a Low Code Open Source Framework in Python and JS. Affected versions of this package are vulnerable to Open Redirect in the signup process. An attacker can cause users to be redirected to arbitrary external sites or execute malicious scripts by enticing them to visit a speciall...
CVE-2026-25956
Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a frappe site which could lead to an open redirect or reflected XSS, depending on the crafted payload when a user signs up. This vulnerability is fixed in 14.99.14 a...
CVE-2026-25956 Frappe Affected by XSS and Open Redirect in Sign Up
Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a frappe site which could lead to an open redirect or reflected XSS, depending on the crafted payload when a user signs up. This vulnerability is fixed in 14.99.14 a...
CVE-2026-25956
Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a frappe site which could lead to an open redirect or reflected XSS, depending on the crafted payload when a user signs up. This vulnerability is fixed in 14.99.14 a...
CVE-2026-25956 Frappe Affected by XSS and Open Redirect in Sign Up
Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a frappe site which could lead to an open redirect or reflected XSS, depending on the crafted payload when a user signs up. This vulnerability is fixed in 14.99.14 a...
CVE-2026-25956
CVE-2026-25956 affects the Frappe full-stack web framework. Before versions 14.99.14 and 15.94.0 , an attacker could craft a malicious signup URL on a Frappe site that could cause an open redirect or, depending on payload, a reflected XSS when a user signs up. The issue is fixed in the referenced...
CVE-2026-25956 Frappe Affected by XSS and Open Redirect in Sign Up
Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a frappe site which could lead to an open redirect or reflected XSS, depending on the crafted payload when a user signs up. This vulnerability is fixed in 14.99.14 a...
PT-2026-7328
Name of the Vulnerable Software and Affected Versions Frappe versions prior to 14.99.14 Frappe versions prior to 15.94.0 Description A crafted malicious signup URL for a Frappe site could lead to an open redirect or reflected cross-site scripting XSS, depending on the crafted payload, when a user...
CVE_choco_2
DESCRIPTION - During the security assessment of "STUDENT WEB...
CVE-2026-24780
CVE-2026-24780 affects AutoGPT Platform prior to v0.6.44. An authenticated user can trigger remote code execution by calling the execute endpoint for blocks (both main web API and external API) without honoring the disabled flag for BlockInstallationBlock, which writes arbitrary Python code to th...