151 matches found
CVE-2026-30927 Admidio: Event participation IDOR - non-leaders can register other users for events via user_uuid parameter
Admidio is an open-source user management solution. Prior to 5.0.6, in modules/events/eventsfunction.php, the event participation logic allows any user who can participate in an event to register OTHER users by manipulating the useruuid GET parameter. The condition uses || OR, meaning if...
EUVD-2025-37489
Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting XSS via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser...
Simple-User-Management-System-with-PHP-MySQL 安全漏洞
Simple-User-Management-System-with-PHP-MySQL is a simple user management system built with PHP and MySQL by the individual developer Nababur Rahaman. A security vulnerability exists in Simple-User-Management-System-with-PHP-MySQL version 1.0, which stems from not properly cleaning up user input a...
CVE-2025-63442
Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting XSS via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser...
CVE-2025-63442
Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting XSS via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser...
PT-2025-44771
Name of the Vulnerable Software and Affected Versions Simple User Management System with PHP-MySQL version 1.0 Description The Simple User Management System with PHP-MySQL fails to properly sanitize user input in the Profile Section, allowing attackers to inject and execute arbitrary JavaScript...
CVE-2025-63442
CVE-2025-63442 affects the Simple User Management System with PHP-MySQL v1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in the Profile Section caused by insufficient sanitization of user input that is reflected in the browser. Root cause: inadequate input sanitization for profile dat...
CVE-2025-12202
A security flaw has been discovered in ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797bf2791591606f7b61fdad99ad8bff1. This vulnerability affects unknown code. Performing manipulation results in cross-site request forgery. The attack can be initiated remotely. The exploit has been...
EUVD-2020-18582
Malware in sbrugna...
EUVD-2021-16333
Malware in sbrugna...
EUVD-2020-15806
Malware in sbrugna...
EUVD-2006-6905
Malware in sbrugna...
EUVD-2021-13587
Malware in sbrugna...
EUVD-2023-38692
Malicious code in bioql PyPI...
EUVD-2025-6305
Malicious code in bioql PyPI...
EUVD-2025-22671
Malicious code in bioql PyPI...
EUVD-2023-45391
Malicious code in bioql PyPI...
EUVD-2025-10495
Malicious code in bioql PyPI...
EUVD-2025-27149
Malicious code in bioql PyPI...
EUVD-2025-29826
Malicious code in bioql PyPI...