2 matches found
EUVD-2026-42506
The Divi Form Builder plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 5.1.8. This is due to the updateuser function accepting a user ID parameter from form submissions without verifying that the authenticated user has permission to edit that specific...
Student File Management System user_id Parameter SQL Injection Vulnerability
Student File Management System is a student file management system. A SQL injection vulnerability exists in Student File Management System, which originates from the lack of validation of an externally entered SQL statement in the parameter userid in the file /admin/updateuser.php. An attacker ca...