Lucene search
K

30 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-1728

Malware in sbrugna...

7.5CVSS6.4AI score0.0685EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-23646

Malware in sbrugna...

8.8CVSS8.6AI score0.00337EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-39337

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0102EPSS
Exploits3References3
ATTACKERKB
ATTACKERKB
added 2023/06/08 2:15 p.m.6 views

CVE-2023-33443

Incorrect access control in the administrative functionalities of BES--6024PB-I50H1 VideoPlayTool v2.0.1.0 allow attackers to execute arbitrary administrative commands via a crafted payload sent to the desired endpoints...

9.8CVSS6.1AI score0.03501EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/06/16 10:15 p.m.6 views

CVE-2022-26173

JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery CSRF via http://targethost:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts...

8.8CVSS5.9AI score0.00671EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/02/28 9:6 a.m.29 views

CVE-2021-24803 Core Tweaks WP Setup <= 4.1 - Arbitrary Admin Account Creation / Admin Email Update via CSRF

The Core Tweaks WP Setup WordPress plugin through 4.1 allows to bulk-set many settings in WordPress, including the admin email, as well as creating a new admin account. There is no CSRF protection in place, allowing an attacker to arbitrary change the admin email or create another admin account a...

8.8AI score0.00618EPSS
Exploits2References1
Patchstack
Patchstack
added 2021/10/21 12:0 a.m.568 views

WordPress Core Tweaks WP Setup plugin <= 4.1 - Arbitrary Admin Account Creation / Admin Email Update via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Admin Account Creation / Admin Email Update via Cross-Site Request Forgery CSRF vulnerability discovered by Francesco Carlucci in WordPress Core Tweaks WP Setup plugin versions = 4.1. Solution Deactivate and delete. This plugin has been closed as of October 7, 2021 and is not available...

8.8CVSS2.8AI score0.00618EPSS
Exploits2References3Affected Software1
Prion
Prion
added 2021/10/06 10:15 p.m.19 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery CSRF in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL...

4.3CVSS6.4AI score0.00476EPSS
Exploits1References1Affected Software1
wpexploit
wpexploit
added 2021/10/05 12:0 a.m.129 views

TheCartPress eCommerce Shopping Cart <= 1.5.3.6 - Unauthenticated Arbitrary Admin Account Creation

The tcpregisterandloginajax AJAX action of the plugin allows unauthenticated users to create accounts with an arbitrary role such as admin POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Accept-Language: en-GB,en;q=0.5...

2.9AI score
Exploits0References1
CNVD
CNVD
added 2019/03/25 12:0 a.m.3 views

SoftNAS Cloud Command Execution Vulnerability

SoftNAS Cloud is a software-defined NAS file management system from US-based SoftNAS. The system is primarily used to provide enterprise-class NAS functionality, including encryption, snapshots and automatic failover. A security vulnerability exists in SoftNAS Cloud versions 4.2.0 and 4.2.1. A...

10CVSS7.5AI score0.05845EPSS
Exploits0References1
Prion
Prion
added 2018/07/05 8:29 p.m.16 views

Cross site request forgery (csrf)

In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266...

6.8CVSS8.6AI score0.02385EPSS
Exploits6References2Affected Software1
0day.today
0day.today
added 2018/06/28 12:0 a.m.34 views

BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: A CSRF vulnerability exists in BEESCMSV4.0: The administrator can be added arbitrarily. Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9226389.html Software Link: http://www.beescms.com/ Version: BEESC...

0.1AI score0.02385EPSS
Exploits6
seebug.org
seebug.org
added 2016/05/10 12:0 a.m.26 views

百为流控路由设计不当 可任意添加管理员

POST /goform/webForm HTTP/1.0 Referer: ...:2011/advance/adminuser.htm?v=20130320 Content-Type: application/x-www-form-urlencoded X-Requested-With: XMLHttpRequest Accept: / Accept-Language: zh-CN Proxy-Connection: Keep-Alive User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64; Trident/7.0; rv:11.0 like...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/04/06 6:29 a.m.2 views

baserCMS plugin "Menubook Plugin" vulnerable to cross-site request forgery

Overview baserCMS plugin "Menubook Plugin" contains a cross-site request forgery vulnerability. CWE-352 Takaesu Isao of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

8.8CVSS6.7AI score0.00629EPSS
Exploits0References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Thickbox Gallery 2.0 - (admins.php) Admin Data Disclosure Vulnerability

No description provided by source. + Thickbox Gallery v2 Admin Data Disclosure + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz + Arbitrary Admin Data Disclosure - Go here and you will see the admin data login name + crypted...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access

No description provided by source. --==+================================================================================+==-- --==+ ActiveKB = 1.5 Insecure Cookie Handling/Arbitrary Admin Access +==-- --==+================================================================================+==--...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/03/27 12:0 a.m.35 views

AdaptCMS Lite 1.5 - Arbitrary Add Admin

=========================================================================== Topic : AdaptCMSLite1.5 2009-07-07 Bug type : change admin user,passwd & add new admin user exploit Download : http://sourceforge.net/projects/adaptcms/files/AdaptCMS%20Lite%20v1/1.5/AdaptCMSLite1.5.zip/download Advisory ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/02/18 12:0 a.m.21 views

Open Source Classifieds 1.1.0 Alpha (OSClassi) - SQL Injection Cross-Site Scripting Arbitrary Admin Change

Open Source Classifieds 1.1.0 Alpha OSClassi - SQL Injection Cross-Site Scripting Arbitrary Admin Change / / / | | \ | |/ | ' \ / | / / / | ' / | \ \ | | | | | | | | | / / | | | \ \ /|/|| || ||,| /,|./|/...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/02/05 12:0 a.m.29 views

txtBB 1.0 RC3 - HTML/JS Injection / Arbitrary Add Admin Privileges

var req = new XMLHttpRequest; req.open'POST', 'admin.php?action=users&type=edit&login=USERNICK&save=1', false; req.setRequestHeader'Content-Type', 'application/x-www-form-urlencoded'; req.send'signature=&avatar=&type=3&password=&submit=Zapisz'; milw0rm.com 2009-02-05...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/12/28 12:0 a.m.31 views

FubarForum 1.6 Arbitrary Admin Bypass Vulnerability

No description provided by source. in the name of god ..:: [email protected] ::.. Tanx from : Expl0its Script : FubarForum Version : 1.6 Dork : "Powered by FubarForum v1.6" /forum/index.php?page=admin milw0rm.com 2008-12-28...

7.1AI score
Exploits0
Rows per page
Query Builder