Customer Support System 安全漏洞

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a SQL injection vulnerability that originates from...

CVE-2023-3599 SourceCodester Best Fee Management System Add User admin_class.php save_user access control

A vulnerability was found in SourceCodester Best Fee Management System 1.0. It has been rated as critical. Affected by this issue is the function saveuser of the file adminclass.php of the component Add User Handler. The manipulation leads to improper access controls. The attack may be launched...

Best Fee Management System 权限许可和访问控制问题漏洞

Best Fee Management System is a fee management system by Mayuri K. Individual developer. Best Fee Management System version 1.0 has a permissions licensing and access control issue vulnerability that stems from the saveuser function in the adminclass.php file that results in incorrect access...

CVE-2023-33440

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=saveuser...

CVE-2023-1464

A vulnerability, which was classified as critical, was found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file Users.php?f=saveuser. The manipulation of the argument firstname/middlename/lastname/username/password leads to improper authentication. It is...

Authentication flaw

A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=saveuser of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to...

CVE-2023-1460 SourceCodester Online Pizza Ordering System Password Change improper authentication

A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=saveuser of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to...

SourceCodester Medicine Tracker System 授权问题漏洞

Medicine Tracker System is a medication tracking system by the individual developer Carlo Montero. An authorization issue vulnerability exists in the SourceCodester Medicine Tracker System version 1.0, which stems from a security issue in Users.php?f=saveuser that causes incorrect authentication...

CVE-2020-19682

A Cross Site Request Forgery CSRF vulnerability exits in ZZZCMS V1.7.1 via the saveuser funciton in save.php...

Cross site request forgery (csrf)

A Cross Site Request Forgery CSRF vulnerability exits in ZZZCMS V1.7.1 via the saveuser funciton in save.php...

CVE-2020-19682

A Cross Site Request Forgery CSRF vulnerability exits in ZZZCMS V1.7.1 via the saveuser funciton in save.php...

CVE-2018-17104

An issue was discovered in Microweber 1.0.7. There is a CSRF attack against the admin user that can add an administrative account via api/saveuser...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts via a saveuser action...

CVE-2012-1203

Cross-site request forgery CSRF vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts via a saveuser action...