16 matches found
EUVD-2015-1036
Malware in sbrugna...
EUVD-2020-14138
Malware in sbrugna...
CVE-2020-21366
Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...
CVE-2015-10020
A vulnerability has been found in ssn2013 cis450Project and classified as critical. This vulnerability affects the function addUser of the file HeatMapServer/src/com/datformers/servlet/AddAppUser.java. The manipulation leads to sql injection. The name of the patch is...
CVE-2025-4889 code-projects Tourism Management System User Registration AddUser buffer overflow
A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access is required to...
CVE-2024-36399 Kanboard affected by Project Takeover via IDOR in ProjectPermissionController
Kanboard is project management software that focuses on the Kanban methodology. The vuln is in app/Controller/ProjectPermissionController.php function addUser. The users permission to add users to a project only get checked on the URL parameter projectid. If the user is authorized to add users to...
CVE-2020-21366
Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...
Cross site request forgery (csrf)
Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...
PT-2023-11583 · Greencms · Greencms
Name of the Vulnerable Software and Affected Versions: GreenCMS version 2.3 Description: A Cross Site Request Forgery issue allows an attacker to gain privileges via the adduser function of "index.php". Recommendations: For GreenCMS version 2.3, consider disabling the adduser function in...
GreenCMS 跨站请求伪造漏洞
GreenCMS is a content management system CMS developed on ThinkPHP. A cross-site request forgery vulnerability exists in GreenCMS v.2.3, which originates from a vulnerability that allows an attacker to gain system privileges via the adduser function in index.php...
CVE-2020-21366
Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php...
CVE-2020-21366
GreenCMS v2.3 is affected by a Cross-Site Request Forgery vulnerability that lets an attacker gain privileges via the adduser function in index.php. Root cause appears to be CSRF in the user-creation flow; CVSS v3.1 base score 8.0 (HIGH) with network attack vector, low complexity and user interac...
PT-2023-10199 · Unknown · Ssn2013 Cis450Project
Name of the Vulnerable Software and Affected Versions: ssn2013 cis450Project affected versions not specified Description: A critical vulnerability has been found in the ssn2013 cis450Project, affecting the addUser function of the file HeatMapServer/src/com/datformers/servlet/AddAppUser.java. This...
Design/Logic Flaw
An issue was discovered in ASPCMS 2.5.6. When registering ordinary users in the addUser function of the /member/reg.asp page, they can be registered with the super administrators GroupID directly...
CVE-2018-15888
An issue was discovered in ASPCMS 2.5.6. When registering ordinary users in the addUser function of the /member/reg.asp page, they can be registered with the super administrators GroupID directly...
CVE-2004-2646
Affected software: Free Web Chat 2.0. Vulnerable component: addUser function in UserManager.java. Root cause: input condition where usrName is null leads to an uncaught NullPointerException, resulting in a denial of service. Exploit details, impact, and remediation are not provided beyond this de...