EUVD-2018-21643

Easyndexer 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative accounts by submitting forged POST requests. Attackers can craft malicious web pages that submit POST requests to createuser.php with parameters including username,...

CVE-2018-25190

Easyndexer 1.0 is affected by a CSRF in createuser.php that enables unauthenticated attackers to create administrative accounts by submitting forged POSTs with username, password, name, surname, and privileges=1. CVSS v3.1: 5.3 (NETWORK, LOW CA/PR, NONE UI) with I/L; CVSS v4.0: 6.9 (NETWORK, LOW ...

CVE-2018-25190 Easyndexer 1.0 Cross-Site Request Forgery via createuser.php

Easyndexer 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative accounts by submitting forged POST requests. Attackers can craft malicious web pages that submit POST requests to createuser.php with parameters including username,...

CVE-2018-25190

Easyndexer 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative accounts by submitting forged POST requests. Attackers can craft malicious web pages that submit POST requests to createuser.php with parameters including username,...

CVE-2026-2009

A flaw has been found in SourceCodester Gas Agency Management System 1.0. This issue affects some unknown processing of the file /gasmark/phpaction/createUser.php. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-2009

The vulnerability CVE-2026-2009 affects SourceCodester Gas Agency Management System 1.0. It targets the file /gasmark/php_action/createUser.php, where improper access controls allow manipulation that enables unauthorized account creation. Exploitation appears remote and an exploit has been publis...

PT-2026-6687

Name of the Vulnerable Software and Affected Versions SourceCodester Gas Agency Management System version 1.0 Description A flaw exists due to improper access controls in the processing of the /gasmark/php action/createUser.php file. This allows for unauthorized creation of accounts. The issue is...

Simple Banking System createuser.php File SQL Injection Vulnerability

Simple Banking System is a simple banking system. Simple Banking System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter Name in the file /createuser.php. An attacker can exploit this vulnerability to execute...

EUVD-2025-32697

A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit has been released to the...

CVE-2025-11357 code-projects Simple Banking System createuser.php sql injection

A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit has been released to the...

CVE-2025-11357 code-projects Simple Banking System createuser.php sql injection

A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit has been released to the...

PT-2025-40969

Name of the Vulnerable Software and Affected Versions code-projects Simple Banking System version 1.0 Description A security flaw exists in code-projects Simple Banking System 1.0 related to the processing of the /createuser.php file. Manipulation of the Name argument can lead to SQL injection...

CVE-2025-6891 code-projects Inventory Management System createUser.php sql injection

A vulnerability classified as critical has been found in code-projects Inventory Management System 1.0. Affected is an unknown function of the file /phpaction/createUser.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploi...

Code-Projects Inventory Management System 注入漏洞

Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter Username in the file /phpaction/createUser.php for externally entered SQL statements. An attacker can...

CVE-2022-2672

A vulnerability was found in SourceCodester Garage Management System. It has been classified as critical. Affected is an unknown function of the file createUser.php. The manipulation of the argument userName/uemail leads to sql injection. It is possible to launch the attack remotely. The exploit...

Cross site scripting

A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit...

CVE-2024-0424

The CVE-2024-0424 entry concerns CodeAstro Simple Banking System 1.0, with a cross-site scripting vulnerability in an unknown portion of createuser.php (Create a User Page). The issue is exploitable remotely and details indicate an XSS condition, but the provided documents do not specify affected...

CVE-2024-0424 CodeAstro Simple Banking System Create a User Page createuser.php cross site scripting

A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit...

CVE-2023-1475 SourceCodester Canteen Management System createuser.php query sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Canteen Management System 1.0. This issue affects the function query of the file createuser.php. The manipulation of the argument uemail leads to sql injection. The attack may be initiated remotely. The exploit ha...

CVE-2022-2672

A vulnerability was found in SourceCodester Garage Management System. It has been classified as critical. Affected is an unknown function of the file createUser.php. The manipulation of the argument userName/uemail leads to sql injection. It is possible to launch the attack remotely. The exploit...