25 matches found
CVE-2024-44652
Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the useremail, username, userfirstname, userlastname, and useraddress parameters in userregister.php...
EUVD-2024-55093
Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the useremail, username, userfirstname, userlastname, and useraddress parameters in userregister.php...
Kashipara Online Furniture Shopping Ecommerce Website Security Vulnerability
Kashipara Online Furniture Shopping Ecommerce Website is a fast online shopping ecommerce website from Kashipara. A security vulnerability exists in Kashipara Online Furniture Shopping Ecommerce Website version 1.0, which is caused by a vulnerability in userregister.php in the useremail, username...
PT-2025-47169
Name of the Vulnerable Software and Affected Versions: Kashipara Ecommerce Website version 1.0 Description: The Kashipara Ecommerce Website is susceptible to SQL Injection. The issue affects the user register.php file and involves the user email, username, user firstname, user lastname, and user...
EUVD-2023-43507
Malicious code in bioql PyPI...
CVE-2025-3278
The CVE-2025-3278 entry concerns the UrbanGo Membership plugin for WordPress, affected in versions up to and including 1.0.4. The root cause is a privilege escalation flaw where new account registrations can set their own role via the user_register_role field, enabling unauthenticated attackers t...
Linux Distros Unpatched Vulnerability : CVE-2022-49164
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - powerpc/tm: Fix more userspace r13 corruption. Commit cf13435b730a ("powerpc/tm: Fix userspace r13 corruption") fixes a problem in treclaim where a SLB miss can occu...
DEBIAN-CVE-2022-49164
In the Linux kernel, the following vulnerability has been resolved: powerpc/tm: Fix more userspace r13 corruption. Commit cf13435b730a ("powerpc/tm: Fix userspace r13 corruption") fixes a problem in treclaim where a SLB miss can occur on the thread_struct->ckpt_regs while SCRATCH0 is live with the save...
PT-2024-17023 · Unknown · Code4Berry Decoration Management System
Name of the Vulnerable Software and Affected Versions: Code4Berry Decoration Management System version 1.0 Description: A critical issue has been found in the Code4Berry Decoration Management System, affecting some unknown functionality of the file /decoration/admin/userregister.php of the...
CVE-2024-0345
A vulnerability, which was classified as problematic, was found in CodeAstro Vehicle Booking System 1.0. This affects an unknown part of the file usr/usr-register.php of the component User Registration. The manipulation of the argument FullName/LastName/Address with the input alertdocument.cookie...
CVE-2023-39807
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...
N.V.K.INTER iBSG SQL Injection Vulnerability
N.V.K.INTER iBSG NVK iBSG is a security appliance from N.V.K.INTER. A security vulnerability exists in N.V.K.INTER iBSG version v3.5, which originates from a SQL injection vulnerability in the parameter apasswd in the file /portal/user-register.php...
GHSA-5P9J-W2WX-QX4C Open Redirect in django-spirit
django-spirit prior to version 0.12.3 is vulnerable to open redirect. In the /user/login endpoint, it doesn't check the value of the next parameter when the user is logged in and passes it directly to redirect, which results in an open redirect. This also affects /user/logout, /user/register,...
Multiple Open Redirect
Description: In the /user/login endpoint, it doesn't check the value of the next parameter when the user is logged in and passes it directly to redirect, which results in an open redirect. The bug also exists in /user/logout, /user/register, /user/login, /user/resend-activation. Proof of Concept: 1. Go to...
Exploit for Improper Input Validation in Drupal
PoC exploit for CVE-2018-7600, a remote code execution vulnerability in Drupal. The target product/service is Drupal, and the vulnerability class/vector is RCE (Remote Code Execution). The probable entry point is the 'user/register' page, and the exploit is typically invoked by running the...
gamessphere.de XSS vulnerability
Open Bug Bounty ID: OBB-660326
Description | Value
---|---
Affected Website: | gamessphere.de
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...
Drupal < 7.58 - Drupalgeddon3 Authenticated Remote Code Exploit
Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupalgeddon3', 'Description' = %q CVE-2018-7602 / SA-CORE-2018-004 A remote code execution...
wallhalla.com XSS vulnerability
Open Bug Bounty ID: OBB-558825
Description | Value
---|---
Affected Website: | wallhalla.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...
PT-2012-5295 · Sockso · Sockso
Name of the Vulnerable Software and Affected Versions: Sockso versions 1.5 and earlier Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the name parameter in the "user/register" endpoint. Recommendations: For Sockso versions 1.5 and...
Ultimate Fade-in slideshow 1.51 Shell Upload Vulnerability
Exploit for unknown platform in category web applications. Ultimate Fade-in slideshow 1.51 Shell Upload Vulnerability. NaMe: Ultimate Fade-in slideshow 1.51 = She...