CVE-2020-37046

Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...

Cross-site Scripting (XSS)

moonshine/moonshine is vulnerable to Cross-site Scripting XSS. The vulnerability is due to the application allowing malicious HTML payloads in the Name parameter when creating a new Admin, leading to arbitrary JavaScript execution...

Malicious code in new-admin (npm)

The package new-admin was found to contain malicious code...

MAL-2025-27340 Malicious code in new-admin (npm)

The package new-admin was found to contain malicious code...

CVE-2020-22251

Cross Site Scripting XSS vulnerability in phpList 3.5.3 via the login name field in Manage Administrators when adding a new admin...

CVE-2022-1248

A vulnerability was found in SAP Information System 1.0 which has been rated as critical. Affected by this issue is the file /SAPInformationSystem/controllers/addadmin.php. An unauthenticated attacker is able to create a new admin account for the web application with a simple POST request. Exploi...

Online Shopping System Master 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : online shopping system master v1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3...

CVE-2024-28195 Cross-Site Request Forgery (CSRF) vulnerability in API and login in your_spotify

yourspotify is an open source, self hosted Spotify tracking dashboard. YourSpotify versions 1.9.0 do not protect the API and login flow against Cross-Site Request Forgery CSRF. Attackers can use this to execute CSRF attacks on victims, allowing them to retrieve, modify or delete data on the...

Exploit for Improper Authentication in Userproplugin Userpro

CVE-2023-2437 Hello, ALL , i m RxR I Coded Tool For Expl...

Atlassian Confluence Data Center and Server - Authentication Bypass Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control', 'Description' = %q This module exploits a broken...

Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer

CVE-2024-0204: Authentication Bypass in GoAnywhere MFT Script...

Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer

CVE-2024-0204: Authentication Bypass in GoAnywhere MFT Script...

Courier Deprixa Pro Integrated Web System 3.2.5 Cross Site Request Forgery

==================================================================================================================================== | Title : Courier Deprixa Pro - Integrated Web System v3.2.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

Alhotphp Article CMS 1.0 Cross Site Request Forgery

==================================================================================================================================== | Title : Alhotphp article CMS 1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | |...

CVE-2020-22251

Cross Site Scripting XSS vulnerability in phpList 3.5.3 via the login name field in Manage Administrators when adding a new admin...

74CMS 5.0.1 Cross Site Request Forgery

Exploit Title: 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user Date: 2019-04-14 Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: http://www.74cms.com/download/index.html Version: v5.0.1 CVE : CVE-2019-11374 74CMS v5.0.1 has a CSRF vulnerability to add...

74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User)

Exploit Title: 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user Date: 2019-04-14 Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: http://www.74cms.com/download/index.html Version: v5.0.1 CVE : CVE-2019-11374 74CMS v5.0.1 has a CSRF vulnerability to add...

74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User)

74CMS 5.0.1 - Cross-Site Request Forgery Add New Admin User Exploit Title: 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user Date: 2019-04-14 Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: http://www.74cms.com/download/index.html Version: v5.0.1 CVE :...

Cross site request forgery (csrf)

74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI...

CVE-2019-11374

74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI...