4 matches found
CVE-2020-37046
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...
Courier Deprixa Pro Integrated Web System 3.2.5 Cross Site Request Forgery
==================================================================================================================================== | Title : Courier Deprixa Pro - Integrated Web System v3.2.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...
CVE-2008-2488
admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts...
CVE-2008-2488
admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts...