Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/03/09 8:2 a.m.4 views

CVE-2026-3710

A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adminadd.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp leads to sql injection. Remote exploitati...

7.2CVSS5.7AI score0.00271EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/08 6:31 a.m.8 views

EUVD-2026-10217

A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adminadd.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp leads to sql injection. Remote exploitati...

5.8CVSS5.7AI score0.00271EPSS
Exploits1References7
NVD
NVD
added 2026/03/08 6:16 a.m.5 views

CVE-2026-3710

A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adminadd.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp leads to sql injection. Remote exploitati...

7.2CVSS0.00271EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/08 12:0 a.m.9 views

PT-2026-23919

A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adminadd.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp leads to sql injection. Remote exploitati...

5.8CVSS5.7AI score0.00271EPSS
Exploits1References7
NVD
NVD
added 2026/01/27 5:16 p.m.7 views

CVE-2025-69559

code-projects Computer Book Store 1.0 is vulnerable to File Upload in adminadd.php...

9.8CVSS0.005EPSS
Exploits1References2
CVE
CVE
added 2026/01/27 12:0 a.m.13 views

CVE-2025-69559

The CVE-2025-69559 entry concerns code-projects Computer Book Store 1.0, with a File Upload vulnerability in admin_add.php. Multiple connected sources corroborate this issue, including Red Hat, NVD, CVE List, and others. The available data identify the affected software/component as the admin_add...

9.8CVSS5.9AI score0.005EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/09/04 11:9 a.m.4 views

CVE-2025-41038 Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataGroupname' parameter in /apprain/admin/managegroup/add/...

5.1CVSS0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:13 a.m.5 views

CVE-2024-9083

A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file /Admin/add-admin.php. The manipulation of the argument txtfullname leads to cross site scripting. It is possible to initiate the attack remotely. The...

5.1CVSS5.4AI score0.00418EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:21 p.m.4 views

CVE-2022-45224

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in Admin/add-admin.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter...

4.8CVSS6AI score0.00467EPSS
Exploits0References1
OSV
OSV
added 2025/05/09 7:16 a.m.3 views

CVE-2025-4469

A vulnerability classified as problematic has been found in SourceCodester Online Student Clearance System 1.0. Affected is an unknown function of the file /admin/add-admin.php. The manipulation of the argument txtusername/txtfullname/txtpassword/txtpassword2 leads to cross site scripting. It is...

5.4CVSS3.9AI score0.0048EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/11/28 12:0 a.m.4 views

Web-Based Student Clearance System 跨站脚本漏洞

Web-Based Student Clearance System is a web-based student clearance system by the individual developer Ndueso Okorie. A security vulnerability exists in Web-Based Student Clearance System version v1.0, which was discovered to contain a cross-site scripting XSS vulnerability via Admin/add-admin.ph...

4.8CVSS5.3AI score0.00467EPSS
Exploits0References2
CNVD
CNVD
added 2018/12/31 12:0 a.m.3 views

LFCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-00992)

Lei Feng TV CMS aka LFCMS is a video-on-demand system developed using PHP and MySQL. A cross-site request forgery vulnerability exists in the admin.php?s=/Member/add.html page in LFCMS version 3.8.6. A remote attacker can exploit this vulnerability to perform unauthorized operations...

8.8CVSS7AI score0.00523EPSS
Exploits1References1
OSV
OSV
added 2018/10/17 4:29 a.m.4 views

CVE-2018-18431

An issue was discovered in DESTOON B2B 7.0. XSS exists via certain text boxes to the admin.php?moduleid=2&action=add URI...

4.8CVSS5.8AI score0.00578EPSS
Exploits1References2
NVD
NVD
added 2018/10/15 4:29 a.m.15 views

CVE-2018-18317

DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI...

8.8CVSS8.8AI score0.00494EPSS
Exploits1References1
CVE
CVE
added 2018/10/15 4:0 a.m.37 views

CVE-2018-18317

DESHANG DSCMS 1.1 contains a cross-site request forgery (CSRF) vulnerability exposed via the public/index.php/admin/admin/add.html URI. A remote attacker can perform unauthorized operations through this endpoint. The CVE CVE-2018-18317 is documented in NVD with CVSSv2 base score 6.8 (Partial conf...

8.8CVSS8.7AI score0.00494EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/09/04 4:29 a.m.4 views

CVE-2018-16449

OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a blog via admin.php?s=/Article/update.html, and setting the audit state via admin.php?s=/Article/setStatus/status/1.html...

6.5CVSS5.8AI score0.00556EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/27 12:0 a.m.3 views

Flexo CMS Cross-Site Request Forgery Vulnerability

Flexo CMS is an open source content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in Flexo CMS version 0.1.6. An attacker can exploit this vulnerability to add an administrator account with the help of the /admin/user/add page...

8.8CVSS8.8AI score0.00588EPSS
Exploits0References1
CNVD
CNVD
added 2018/07/24 12:0 a.m.2 views

idreamsoft iCMS cross-site scripting vulnerability (CNVD-2018-14096)

idreamsoft iCMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in versions of idreamsoft iCMS prior to 7.0.10. The vulnerability can be exploited by a remote attacker to inject arbitrary web script or HTML via the fourth and fif...

6.1CVSS5.9AI score0.00826EPSS
Exploits1References1
OSV
OSV
added 2018/04/11 6:29 a.m.2 views

CVE-2018-9991

Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or Username parameter...

4.8CVSS5.8AI score0.00534EPSS
Exploits1References1
Rows per page
Query Builder