CVE-2025-63717

The change password functionality at /petgrooming/admin/changepass.php in SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross-Site Request Forgery CSRF attacks. The application does not implement adequate anti-CSRF tokens or same-site cookie restrictions, allowing attackers...

CVE-2024-0362

A vulnerability classified as critical was found in PHPGurukul Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/change-password.php. The manipulation of the argument cpass leads to sql injection. The exploit has been disclosed to the...

CVE-2020-12429

Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/checkavailability.php, admin/index.php, change-password.php, checkavailability.php, includes/header.php,...

VideoScript <= 4.0.1.50 Admin Change Password Exploit

Exploit for unknown platform in category web applications ===================================================== VideoScript === XPL === / errorreportingEALL; $G4N0K = "JEc0TjBLID0gPDw8RU9HDQo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09"...

[SA12649] Baal Smart Forms &quot;Admin Change Password&quot; Security Bypass

TITLE: Baal Smart Forms "Admin Change Password" Security Bypass SECUNIA ADVISORY ID: SA12649 VERIFY ADVISORY: http://secunia.com/advisories/12649/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Baal Smart Forms 3.x http://secunia.com/product/3949/ DESCRIPTION: ...