Lucene search
K

15 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/05 4:13 p.m.4 views

CVE-2020-37144

Exagate SYSGuard 6001 contains a cross-site request forgery vulnerability that allows attackers to create unauthorized admin accounts through a crafted HTML form. Attackers can trick users into submitting a malicious form to /kulyon.php that adds a new user with administrative privileges without...

5.3CVSS5.1AI score0.00175EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 1:15 a.m.13 views

CVE-2022-29647

An issue was discovered in MCMS 5.2.7. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...

8.8CVSS6.9AI score0.00642EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:37 p.m.8 views

CVE-2020-35347

CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser=add...

6.5CVSS7AI score0.00434EPSS
Exploits1
Cvelist
Cvelist
added 2025/02/06 12:0 a.m.15 views

CVE-2024-57523

Cross Site Request Forgery CSRF in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers to create unauthorized admin accounts via crafted requests sent to an authenticated admin user...

0.00462EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2023/07/20 12:0 a.m.254 views

PimpMyLog 1.7.14 Improper Access Control

Exploit Title: PimpMyLog v1.7.14 - Improper access control Date: 2023-07-10 Exploit Author: thoughtfault Vendor Homepage: https://www.pimpmylog.com/ Software Link: https://github.com/potsky/PimpMyLog Version: 1.5.2-1.7.14 Tested on: Ubuntu 22.04 CVE : N/A Description: PimpMyLog suffers from...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2022/01/28 4:37 p.m.22 views

CVE-2022-22294

A SQL injection vulnerability exists in ZFAKA=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account...

9.9AI score0.01148EPSS
Exploits1References2
OSV
OSV
added 2021/02/01 3:15 p.m.17 views

CVE-2020-24271

A CSRF vulnerability was discovered in EasyCMS v1.6 that can add an admin account through index.php?s=/admin/rbacuser/insert/navTabId/rbacuser/callbackType/closeCurrent, then post username=&password=...

8.8CVSS6.9AI score0.00602EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/01/15 12:59 p.m.32 views

CVE-2012-1563

Joomla! before 2.5.3 allows Admin Account Creation...

7.5AI score0.08896EPSS
Exploits3References3
CVE
CVE
added 2019/06/24 6:10 p.m.72 views

CVE-2019-9958

The CVE-2019-9958 entry affects Quadbase EspressReport ES (ERES) v7.0 update 7, where a CSRF flaw in the admin panel allows remote attackers to escalate privileges or create new admin accounts by coercing an authenticated admin’s session to perform unintended requests. The vulnerability arises fr...

8.8CVSS8.7AI score0.00777EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/02/11 9:29 p.m.12 views

Cross site request forgery (csrf)

A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit...

6.8CVSS8.6AI score0.0065EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2018/06/20 12:0 a.m.4 views

PT-2018-3907 · Cisco · Cisco Fxos +2

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software versions prior to the fixed version Cisco NX-OS Software versions prior to the fixed version Description: A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an...

7.2CVSS6.6AI score0.00466EPSS
Exploits0References6
NVD
NVD
added 2018/04/22 1:29 a.m.14 views

CVE-2018-10265

An issue was discovered in HongCMS v3.0.0. There is a CSRF vulnerability that can add an administrator account via the admin/index.php/users/save URI...

8.8CVSS8.7AI score0.00465EPSS
Exploits0References1
NVD
NVD
added 2018/04/16 9:58 a.m.9 views

CVE-2018-10117

An issue was discovered in idreamsoft iCMS V7.0.7. There is a CSRF vulnerability that can add an admin account via admincp.php?app=members&do=save&frame=iPHP...

8.8CVSS8.7AI score0.00554EPSS
Exploits1References1
0day.today
0day.today
added 2011/02/09 12:0 a.m.10 views

AIOCP 1.4.001 CSRF Vulnerability

Exploit for php platform in category web applications img...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2009/05/22 6:0 p.m.18 views

CVE-2009-1771

index.php in Flyspeck CMS 6.8 does not require administrative authentication for the updateExistingContent action, which allows remote attackers to create or modify admin accounts via the 1 usersfullname, 2 usersemail, 3 usersroleid, 4 usersusername, and 5 userspassword parameters...

7AI score0.02463EPSS
Exploits1References3
Rows per page
Query Builder