59 matches found
CVE-2022-23887
YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily delete user accounts via /admin/adminmanage/delete...
CVE-2022-23771
This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrar...
CVE-2025-63955
A Cross-Site Request Forgery CSRF vulnerability in the manage-students.php component of PHPGurukul Student Record System v3.2 allows an attacker to trick an authenticated administrator into submitting a forged request. This leads to the unauthorized deletion of user accounts, causing a Denial of...
EUVD-2018-19038
Malware in sbrugna...
EUVD-2017-18313
Malware in sbrugna...
EUVD-2011-4381
Malware in sbrugna...
EUVD-2008-5092
Malware in sbrugna...
EUVD-2021-22133
Malware in sbrugna...
EUVD-2021-18484
Malware in sbrugna...
EUVD-2021-18803
Malware in sbrugna...
EUVD-2022-3509
Malicious code in bioql PyPI...
EUVD-2025-11865
Malicious code in bioql PyPI...
EUVD-2022-28812
Malicious code in bioql PyPI...
EUVD-2022-3220
Malicious code in bioql PyPI...
EUVD-2025-22400
Malicious code in bioql PyPI...
EUVD-2024-3229
Malicious code in bioql PyPI...
EUVD-2024-43175
Malicious code in bioql PyPI...
PT-2025-30514 · WordPress · Omnishop
Name of the Vulnerable Software and Affected Versions: Omnishop versions up to and including 1.0.9 Description: The Omnishop plugin for WordPress is susceptible to Cross-Site Request Forgery on its /users/delete REST route. The route’s permission callback only verifies that the requester is logge...
CVE-2024-40480
A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access...
CVE-2022-29160
Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former account holder's information. Nextcloud Android...