Authentication flaw

AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php...

CVE-2008-2348

MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php...

Authentication flaw

MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php...

CVE-2008-2346

AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php...

CVE-2008-2346

CVE-2008-2346 affects AlkalinePHP versions 0.77.35 and earlier. The vulnerability allows remote attackers to bypass authentication and gain administrative access by issuing a direct request to adduser.php to create an admin account. The connected documents confirm the root cause as an authenticat...

CVE-2008-2348

MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php...

AlkalinePHP <= 0.77.35 (adduser.php) Arbitrary Add-Admin Vuln

No description provided by source. --==+================================================================================+==-- --==+ AlkalinePHP = 0.77.35 adduser.php Arbitrary Add-Admin +==-- --==+================================================================================+==-- Discovered By:...

AlkalinePHP 0.77.35 - adduser.php Arbitrary Add Admin

AlkalinePHP 0.77.35 - adduser.php Arbitrary Add Admin --==+================================================================================+==-- --==+ AlkalinePHP = 0.77.35 adduser.php Arbitrary Add-Admin +==--...

Authentication flaw

adduser.php in PHP-AGTC Membership AGTC-Membership System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin userlevel 4 privileges...

Cross site scripting

Cross-site scripting XSS vulnerability in adduser.php in PHP-AGTC Membership System 1.1a and earlier allows remote attackers to inject arbitrary web script or HTML via the email address useremail parameter...

CVE-2006-2687

CVE-2006-2687 is a cross-site scripting (XSS) vulnerability in adduser.php of the PHP-AGTC Membership System, affecting version 1.1a and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the email address parameter (useremail). NVD metrics assign a medium base ...

CVE-2005-4225

Multiple "potential" SQL injection vulnerabilities in myBloggie 2.1.3 beta might allow remote attackers to execute arbitrary SQL commands via 1 the category parameter in add.php, 2 the catdesc parameter in addcat.php, 3 the level and user parameters in adduser.php, 4 the postid parameter in...

ITA Forum 1.49 - SQL Injection

ITA Forum 1.49 - SQL Injection !/usr/bin/perl use LWP::UserAgent; ITA Forum 1.49 sql injection exploit with one char bruteforce by 1dt.w0lf // r57 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: example: r57ita.pl http://127.0.0.1/ITA/...