3 matches found
CVE-2025-11485
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...
CVE-2020-29204
XXL-JOB 2.2.0 allows Stored XSS in Add User to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java...
S-CMS Cross-Site Request Forgery Vulnerability
S-CMS is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise to provide solutions to build a station of the product. S-CMS 1.5 there is a cross-site request forgery vulnerability, attackers can add new users through admin/ajax.php?type=member&action=add URI to take...