EUVD-2026-33165

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation via Validation Bypass in all versions up to and including 0.9.2.5. The vulnerability exists due to the aftervalidatesavepost function unconditionally trusting the attacker-controlled acfpostid POST...

Gas Agency Management 2022 Cross Site Request Forgery

============================================================================================================================================= | Title : Gas Agency Management 2022 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits...

CVE-2023-43901

Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user...

CVE-2023-43901

Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user...

BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Bigace CMS CSRF - Adding an admin account Date: 2013 29 July Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.bigace.de/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2.7.8 Contacts: http://Twitter.com/YShahinzadeh ,...

HIOX Browser Statistics 2.0 - Arbitrary Add Admin

HIOX Browser Statistics 2.0 - Arbitrary Add Admin "; fclose$file; $creat = "false"; echo "New User Created Please Wait You will be Redirected to Login Page "; else echo "Enter correct Username or Password "; if$creat == "true" ? table align=center valign=center bgcolo...