CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

105 matches found

WSO2 User Registration - Arbitrary Account Creation

The SOAP admin service in WSO2 products has a security vulnerability that allows the creation of new user accounts regardless of the self-registration configuration settings. id: CVE-2024-7097 info: name: WSO2 User Registration - Arbitrary Account Creation author: iamnoooob,rootxharsh,pdresearch...

4.3CVSS5.2AI score0.25144EPSS

Exploits0References2

Positive Technologies•added 2026/04/02 12:0 a.m.•1 views

PT-2026-29952

Fleet's user account creation via invite does not enforce invited email address in github.com/fleetdm/fleet...

7.1CVSS5.8AI score0.00042EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 11:52 a.m.•7 views

CVE-2009-4787

Multiple cross-site request forgery CSRF vulnerabilities in Pligg before 1.0.3 allow remote attackers to hijack the authentication of administrators for requests that create user accounts or have unspecified other impact...

6.8CVSS7.9AI score0.00126EPSS

Exploits0References1

RedhatCVE•added 2025/11/06 6:37 p.m.•10 views

CVE-2025-57244

OpenKM Community Edition 6.3.12 is vulnerable to stored cross-site scripting XSS in the user account creation interface. The Name field accepts script tags and the Email field is vulnerable when the POST request is modified to include encoded script tags, by passing frontend validation...

5.4CVSS5.8AI score0.00031EPSS

Exploits1References1

CVE•added 2025/10/30 9:17 p.m.•12 views

CVE-2023-7325

Anheng Mingyu Operation and Maintenance Audit and Risk Control System (versions up to 2023-08-10) contains an SSRF vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can direct the server to connect to internal Unix socket RPC endpoints and invok...

9.3CVSS6.8AI score0.00057EPSS

In wildExploits0References3

Vulnrichment•added 2025/10/30 9:17 p.m.•5 views

CVE-2023-7325 Mingyu Operations and Maintenance Audit and Risk Control System xmlrpc.sock SSRF

Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery SSRF vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix...

9.3CVSS6.8AI score0.00057EPSS

Exploits0References3