1035 matches found
PT-2023-32877 · Unknown · Code-Projects E-Commerce Website
Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Website version 1.0 Description: A critical issue affects some unknown functionality of the file user signup.php. The manipulation of the firstname, middlename, email, address, contact, or username arguments leads to...
PT-2023-32878 · Unknown · Code-Projects E-Commerce Website
Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Website version 1.0 Description: A problematic vulnerability has been found in the code-projects E-Commerce Website, affecting an unknown part of the file user signup.php. The manipulation of the firstname argument wi...
CVE-2023-7053
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user/signup.php. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an atta...
CVE-2023-7053
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user/signup.php. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an atta...
PHPGurukul Online Notes Sharing System Security Vulnerability
PHPGurukul Online Notes Sharing System is an online notes sharing system from PHPGurukul Inc. A security vulnerability exists in version 1.0 of the PHPGurukul Online Notes Sharing System, which stems from certain issues with /user/signup.php that could result in a weak password requirement...
TikTok: Authentication Bypass on TikTok Seller Signup Process Allows Account Creation Without Phone Verification
The authentication bypass vulnerability on the TikTok Seller signup process allowed account creation without phone verification...
CVE-2023-6416 SQL injection in Voovi Social Networking Script
A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via signup2.php in the emailadd parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve...
PT-2023-32647 · Unknown · Voovi Social Networking Script
Name of the Vulnerable Software and Affected Versions: Voovi Social Networking Script version 1.0 Description: A SQL injection vulnerability has been reported, affecting the signup2.php file through the emailadd parameter. This could allow a remote attacker to send a specially crafted SQL query t...
PT-2023-30523 · Datahub · Datahub
Name of the Vulnerable Software and Affected Versions: DataHub versions prior to 0.12.1 Description: The issue concerns an open-source metadata platform where sign-up through an invite link does not properly restrict users from signing up as privileged accounts. If a user is given an email sign-u...
CVE-2023-46677
Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtuname' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database...
grafana: email addresses and usernames cannot be trusted
An authentication bypass flaw was discovered in Grafana. This issue could allow a remote unauthenticated attacker to create an account and provide access to a certain organization, which can be exploited by gaining access to the signup link. The highest impacts to the system are confidentiality a...
Expense Management System Code Issue Vulnerability
Expense Management System is an expense management system by Carlo Montero Personal Developer. A security vulnerability exists in Expense Management System version v.1.0. An attacker can exploit this vulnerability to execute arbitrary code via a specially crafted file uploaded to the signup.php...
PT-2023-29304 · Unknown · Expense Management System
Name of the Vulnerable Software and Affected Versions: Expense Management System version 1.0 Description: An issue in the Expense Management System allows a local attacker to execute arbitrary code via a crafted file uploaded to the "sign-up.php" component. Recommendations: For Expense Management...
CVE-2023-41950
Cross-Site Request Forgery CSRF vulnerability in Laposta - Roel Bousardt Laposta Signup Basic plugin = 1.4.1 versions...
CVE-2023-41950
Cross-Site Request Forgery CSRF vulnerability in Laposta - Roel Bousardt Laposta Signup Basic plugin = 1.4.1 versions...
CVE-2023-41950 WordPress Laposta Signup Basic Plugin <= 1.4.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Laposta - Roel Bousardt Laposta Signup Basic plugin = 1.4.1 versions...
CVE-2023-41950 WordPress Laposta Signup Basic Plugin <= 1.4.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Laposta - Roel Bousardt Laposta Signup Basic plugin = 1.4.1 versions...
WordPress Plugin Laposta Signup Basic Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
PT-2023-28188 · Laposta · Laposta Signup Basic
Name of the Vulnerable Software and Affected Versions: Laposta - Roel Bousardt Laposta Signup Basic plugin versions = 1.4.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application th...
CVE-2023-39165
Cross-Site Request Forgery CSRF vulnerability in Fetch Designs Sign-up Sheets plugin = 2.2.8 versions...