226 matches found
CVE-2023-49244
CVE-2023-49244 concerns a permission management vulnerability in the multi-user module of Huawei HarmonyOS. The vulnerability is described as affecting service confidentiality due to improper permission handling in the multi-user module. The primary, documented impact is confidentiality loss; no ...
CVE-2023-49244
Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a privilege management vulnerability in the multi-user module. Successful exploitation ...
CVE-2023-4444
A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this vulnerability is an unknown functionality of the file vm\patient\edit-user.php. The manipulation of the argument id00/nic/oldemail/email/spec/Tele leads to...
CVE-2023-27245
A cross-site scripting XSS vulnerability in File Management Project 1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module...
Cross site scripting
A cross-site scripting XSS vulnerability in File Management Project 1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module...
CVE-2023-27245
A cross-site scripting XSS vulnerability in File Management Project 1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module...
PT-2023-21027 · Unknown · File Management Project
Name of the Vulnerable Software and Affected Versions: File Management Project version 1.0.0 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module. Recommendations: For...
CVE-2023-27245
A cross-site scripting XSS vulnerability in File Management Project 1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module...
Debian: Security Advisory (DLA-550-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2014-3498
The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands...
SUSE CVE-2018-16837
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just t...
Book Store Management System 跨站脚本漏洞
Book Store Management System is an online bookstore system by Carlo Montero Personal Developer. A security vulnerability exists in Book Store Management System v1.0.0. An attacker can exploit this vulnerability by injecting a specially crafted payload into the Level parameter under the Add New...
CVE-2022-39977
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2022-39977
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
Privilege escalation
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2022-39977
CVE-2022-39977 applies to Online Pet Shop We App v1.0. The vulnerability is an arbitrary file upload in the User module’s editing function, allowing an attacker to upload a crafted PHP file through the picture upload point and execute arbitrary code. Affected software: Online Pet Shop We App v1.0...
CVE-2022-39977
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2022-39977
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2022-38267
School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/user/index.php?view=edit&id=...