PT-2026-46977

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage user. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2025-63218

The Axel Technology WOLF1MS and WOLF2MS devices firmware versions 0.8.5 to 1.0.3 are vulnerable to Broken Access Control due to missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint. Unauthenticated remote attackers can list user accounts, create new administrative users, delete users, and...

EUVD-2018-10450

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2022-26310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pandora FMS v7.0NG.760 and below allows an improper authorization in User Management where any authenticated user with access to the User Management module coul...

CVE-2022-43179

Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manageuser=...

Cross site request forgery (csrf)

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/user/add...

CVE-2023-3176

A vulnerability, which was classified as critical, was found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file admin\user\manageuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. Th...

PT-2023-23453 · Sourcecodester · Sourcecodester Lost/Found Information System

Name of the Vulnerable Software and Affected Versions: SourceCodester Lost and Found Information System version 1.0 Description: A critical issue was found in the SourceCodester Lost and Found Information System. The problem affects an unknown function of the file adminusermanage user.php. The...

Lost and Found Information System SQL注入漏洞

Lost and Found Information System is a lost and found information system by oretnom23 individual developer. A SQL injection vulnerability exists in Lost and Found Information System version 1.0, which stems from a problem in the file adminusermanageuser.php, where incorrect manipulation of the...

PT-2023-23362 · Unknown · Sourcecodester Online Discussion Forum Site

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Discussion Forum Site version 1.0 Description: A critical issue has been discovered, allowing for SQL injection through the manipulation of the id argument in an unknown function of the file adminusermanage user.php. Thi...

Online Thesis Archiving System SQL注入漏洞

Online Thesis Archiving System is an online thesis archiving system. Online Thesis Archiving System version 1.0 has a sql injection vulnerability, which originates from the poor filtering of the id parameter in /admin/user/manageuser.php. An attacker can use this vulnerability to perform SQL...

CVE-2023-1740

A vulnerability was found in SourceCodester Air Cargo Management System 1.0. It has been classified as critical. Affected is an unknown function of the file admin/user/manageuser.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible...

Automotive Shop Management System SQL注入漏洞

Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability that originates from /asms/admin/?page=user/manageuser&id=Lack of validation of externally entered...

CVE-2022-42230

Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/admin/?page=user/manageuser&id=...

CVE-2022-32400

Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/user/manageuser.php:4...

CVE-2022-32341

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=user/manageuser&id=...

CVE-2022-31969

ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simplechatbot/admin/?page=user/manageuser&id=...

XSS vulnerability in invite-users-panel.vm [$i18n.getText('easyuser.send.invitations.email.placeholder', [$siteTitle]), line 37]

Panopticon http://panopticon.dyn.syd.atlassian.com/ has detected that the following file contains a XSS vulnerability. This vulnerability has been manually confirmed. File: confluence-plugins/confluence-bundled-plugins/confluence-easyuser-admin/src/main/resources/templates/invite-users-panel.vm...