1035 matches found

NVD
added 2024/10/29 9:15 a.m. · 13 views

CVE-2024-50475

Missing Authorization vulnerability in Scott Gamon Signup Page signup-page allows Privilege Escalation. This issue affects Signup Page: from n/a through <= 1.0...

CVSS 9.8 · EPSS 0.01219
Exploits: 1 · References: 1
Vulnrichment
added 2024/10/29 8:39 a.m. · 18 views

CVE-2024-50475 WordPress Signup Page plugin <= 1.0 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in Scott Gamon Signup Page signup-page allows Privilege Escalation. This issue affects Signup Page: from n/a through <= 1.0...

CVSS 9.8 · AI score 5.9 · EPSS 0.01219
Exploits: 1 · References: 1
CVE
added 2024/10/29 8:39 a.m. · 57 views

CVE-2024-50475

CVE-2024-50475 affects the WordPress Signup Page plugin (versions

CVSS 9.8 · AI score 5.9 · EPSS 0.01219
Exploits: 1 · References: 1
Cvelist
added 2024/10/29 8:39 a.m. · 30 views

CVE-2024-50475 WordPress Signup Page plugin <= 1.0 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in Scott Gamon Signup Page signup-page allows Privilege Escalation. This issue affects Signup Page: from n/a through <= 1.0...

CVSS 9.8 · EPSS 0.01219
Exploits: 1 · References: 1
Patchstack
added 2024/10/25 7:34 a.m. · 5 views

WordPress Signup Page plugin <= 1.0 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Signup Page versions <= 1.0...

CVSS 9.8 · AI score 6.9 · EPSS 0.01219
Exploits: 1 · Affected Software: 1
Patchstack
added 2024/10/25 12:0 a.m. · 12 views

WordPress Signup Page Plugin <= 1.0 is vulnerable to Privilege Escalation

Software: Signup Page; Type: Plugin; Vulnerable versions: <= 1.0; Fixed in: N/A; OWASP Top 10: A7: Identification and Authentication Failures; Classification: Privilege Escalation; CVE: CVE-2024-50475; Patch priority: High; CVSS severity: High 9.8; Developer: Claim ownership; PSID: 15ed63623277; Credits: Mika; Required...

CVSS 9.8 · AI score 6.5 · EPSS 0.01219
Exploits: 1 · References: 1 · Affected Software: 1
CVE
added 2024/10/23 3:45 p.m. · 53 views

CVE-2024-49751

CVE-2024-49751 affects Press (a Frappe-based app) prior to commit 5d118a902872d7941f099ad1fb918e2421e79ccd. The issue allows a user to inject HTML through SaaS signup inputs, with impact limited to the submitting user, not other users. The underlying cause is unsafe HTML handling in SaaS signup f...

CVSS 5.1 · AI score 6.5 · EPSS 0.00479
Exploits: 0 · References: 2
Cvelist
added 2024/10/23 3:45 p.m. · 25 views

CVE-2024-49751 Frappe Press possible HTML injection through SaaS Signup inputs

Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. Prior to commit 5d118a902872d7941f099ad1fb918e2421e79ccd, a user could inject HTML through SaaS signup inputs. The user who injected the unsafe HTML code would onl...

CVSS 5.1 · EPSS 0.00479
Exploits: 0 · References: 2
Vulnrichment
added 2024/10/23 3:45 p.m. · 10 views

CVE-2024-49751 Frappe Press possible HTML injection through SaaS Signup inputs

Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. Prior to commit 5d118a902872d7941f099ad1fb918e2421e79ccd, a user could inject HTML through SaaS signup inputs. The user who injected the unsafe HTML code would onl...

CVSS 5.1 · AI score 6.8 · EPSS 0.00479
Exploits: 0 · References: 2
Positive Technologies
added 2024/10/23 12:0 a.m. · 4 views

PT-2024-33663 · Frappe +1 · Press

Name of the Vulnerable Software and Affected Versions: Press versions prior to commit 5d118a902872d7941f099ad1fb918e2421e79ccd Description: The issue allows a user to inject HTML through SaaS signup inputs, which could affect the user themselves but not other users. Recommendations: For versions...

CVSS 5.1 · AI score 7.2 · EPSS 0.00479
Exploits: 0 · References: 5
OSV
added 2024/10/22 12:6 p.m. · 71 views

BIT-PYTHON-2023-27043

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...

CVSS 5.3 · AI score 6.5 · EPSS 0.02507
Exploits: 1 · References: 47
OSV
added 2024/09/20 4:15 p.m. · 2 views

CVE-2024-9039

A vulnerability, which was classified as critical, has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=signup. The manipulation of the argument firstname/lastname/email leads to sql injection...

CVSS 9.8 · AI score 6.9 · EPSS 0.00663
Exploits: 1 · References: 5
NVD
added 2024/09/18 9:15 p.m. · 17 views

CVE-2024-46375

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the signup function of the file rental/adminclass.php...

CVSS 9.8 · EPSS 0.01082
Exploits: 0 · References: 1
OSV
added 2024/09/18 9:15 p.m. · 2 views

CVE-2024-46375

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the signup function of the file rental/adminclass.php...

CVSS 9.8 · AI score 5.9 · EPSS 0.01082
Exploits: 0 · References: 1
CNNVD
added 2024/09/18 12:0 a.m. · 3 views

SourceCodester Best House Rental Management System security vulnerability

SourceCodester Best House Rental Management System is a house rental management system from SourceCodester, Inc. A security vulnerability exists in SourceCodester Best House Rental Management System version 1.0, which originates from an arbitrary file upload vulnerability in the signup function o...

CVSS 9.8 · AI score 7 · EPSS 0.01082
Exploits: 0 · References: 2
Positive Technologies
added 2024/09/18 12:0 a.m. · 4 views

PT-2024-31976 · Unknown · Best House Rental Management System

Name of the Vulnerable Software and Affected Versions: Best House Rental Management System version 1.0 Description: The issue concerns an arbitrary file upload vulnerability in the signup function of the file rental/admin class.php. This could potentially lead to system compromise. There is no...

CVSS 9.8 · AI score 6.8 · EPSS 0.01082
Exploits: 0 · References: 5
Cvelist
added 2024/09/18 12:0 a.m. · 15 views

CVE-2024-46375

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the signup function of the file rental/adminclass.php...

EPSS 0.01082
Exploits: 0 · References: 1
Hacker One
added 2024/09/15 12:6 a.m. · 4 views

Insightly: Email verification bypass via request to endpoint "accounts.insightly.com/signup/provisionuser"

The vulnerability allowed bypassing email verification when creating a new Insightly account. The vulnerability existed in the "EmailAddress" parameter of the member creation endpoint. By modifying the parameter, an attacker could create a new account using any email address, including those of...

AI score 7
Exploits: 0
OSV
added 2024/09/11 7:20 p.m. · 13 views

GHSA-64F8-PJGR-9WMR Untrusted Query Object Evaluation in RPC API

During the sign in and sign up operations through the SurrealDB RPC API, an arbitrary object would be accepted in order to support a wide array of types and structures that could contain user credentials. This arbitrary object could potentially contain any SurrealDB value, including an object...

CVSS 8.8 · AI score 7.2
Exploits: 0 · References: 7
Github Security Blog
added 2024/09/11 7:20 p.m. · 15 views

Untrusted Query Object Evaluation in RPC API

During the sign in and sign up operations through the SurrealDB RPC API, an arbitrary object would be accepted in order to support a wide array of types and structures that could contain user credentials. This arbitrary object could potentially contain any SurrealDB value, including an object...

AI score 7.2
Exploits: 0 · References: 7 · Affected Software: 2