Lucene search
+L

40 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-16066

Malware in sbrugna...

8.8CVSS8.8AI score0.0065EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-18733

Malicious code in bioql PyPI...

8.1CVSS5.7AI score0.00423EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-1990

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00591EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.6 views

jshERP 安全漏洞

jshERP Huaxia ERP is a homegrown ERP system by the individual developer of Ji Shenghua in China. A security vulnerability exists in jshERP 3.5 and earlier versions, which stems from improper authorization due to incorrect manipulation of the parameter ID in the file /user/delete...

8.1CVSS5.2AI score0.0036EPSS
Exploits1References2
OSV
OSV
added 2025/06/20 10:15 a.m.3 views

CVE-2025-6329

A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file userdelete.php of the component User Delete Handler. The manipulation of the argument ID leads to authorization bypass. The attack m...

8.1CVSS5.5AI score0.00423EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.12 views

Real Estate Management System 安全漏洞

Real Estate Management System is an open source real estate management system from Itsourcecode. A security vulnerability exists in Real Estate Management System version 1.0, which results from an authorization bypass due to incorrect manipulation of the parameter ID in the file userdelete.php...

8.1CVSS5.5AI score0.00423EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 3:11 a.m.5 views

CVE-2023-23550

An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS7.8AI score0.03607EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/07/06 12:0 a.m.5 views

PT-2023-19033 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: An OS command injection issue exists in the ys thirdparty user delete functionality. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests t...

7.2CVSS7.8AI score0.03607EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/04/29 4:15 p.m.5 views

CVE-2022-0985

Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability...

4.3CVSS6.5AI score0.0055EPSS
Exploits0References2
0day.today
0day.today
added 2020/01/29 12:0 a.m.127 views

Cups Easy 1.0 - Cross Site Request Forgery (Password Reset) Vulnerability

Exploit for php platform in category web applications Title: Cups Easy 1.0 - Cross Site Request Forgery Password Reset Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/ajayshar76/profile/ Software Link: https://sourceforge.net/projects/cupseasy/files/cupseasylive-1.0/ Versio...

0.01548EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/01/29 12:0 a.m.179 views

Cups Easy 1.0 - Cross Site Request Forgery (Password Reset)

Title: Cups Easy 1.0 - Cross Site Request Forgery Password Reset Date: 2020-01-28 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/ajayshar76/profile/ Software Link: https://sourceforge.net/projects/cupseasy/files/cupseasylive-1.0/ Version: 1.0 Tested on Windows 10/Kali...

8.8CVSS7.6AI score0.01548EPSS
Exploits6
OSV
OSV
added 2019/01/22 4:29 p.m.4 views

CVE-2019-6507

An issue was discovered in creditease-sec insight through 2018-09-11. loginuserdelete in srcpm/app/admin/views.py allows CSRF...

8.8CVSS5.8AI score0.0065EPSS
Exploits1References1
Prion
Prion
added 2019/01/22 4:29 p.m.12 views

Cross site request forgery (csrf)

An issue was discovered in creditease-sec insight through 2018-09-11. userdelete in srcpm/app/admin/views.py allows CSRF...

6.8CVSS8.6AI score0.0065EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/06/04 12:0 a.m.5 views

Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15867)

The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the "user delete" method in Quest DR Series Disk Backup Software versions prior to 4.0.3.1. The vulnerability can be exploited to execute system commands via the 'user' parameter...

8.8CVSS9.2AI score0.04602EPSS
Exploits2References1
CNVD
CNVD
added 2018/01/29 12:0 a.m.2 views

SQL Injection Vulnerability in zzcms 8.2 user/del.php File

zzcms is an enterprise website builder program It is an enterprise website builder program. zzcms 8.2 version user/del.php file SQL injection vulnerability, attackers can exploit the vulnerability to access or modify the database data...

8AI score
Exploits0
CNVD
CNVD
added 2016/07/14 12:0 a.m.2 views

SQL Injection Vulnerability in zzcms user/del.php

ZZCMS highlights the investment and supply and demand functions, you can quickly build a product investment website. SQL injection vulnerability exists in zzcms product version, the trigger point of the vulnerability is in user/del.php, the attacker can use the vulnerability to obtain sensitive...

7.9AI score
Exploits0References1
exploitpack
exploitpack
added 2014/09/12 12:0 a.m.13 views

Food Order Portal - admin_user_delete.php Cross-Site Request Forgery

Food Order Portal - adminuserdelete.php Cross-Site Request Forgery source: https://www.securityfocus.com/bid/69787/info Food Order Portal is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the...

0.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2012/01/29 4:4 a.m.2 views

CVE-2011-5068

Multiple cross-site request forgery CSRF vulnerabilities in Support Incident Tracker aka SiT! 3.65 allow remote attackers to hijack the authentication of user for requests that delete a user via userdelete.php and other unspecified programs...

6.8CVSS5.5AI score0.00737EPSS
Exploits0References6
Cvelist
Cvelist
added 2009/05/20 7:0 p.m.22 views

CVE-2009-1733

Cross-site request forgery CSRF vulnerability in IPplan 4.91a allows remote attackers to hijack the authentication of administrators for requests that 1 change the password, 2 add users, or 3 delete users via unknown vectors...

7.1AI score0.00581EPSS
Exploits0References4
CVE
CVE
added 2009/05/20 7:0 p.m.39 views

CVE-2009-1733

CVE-2009-1733 describes a CSRF vulnerability in IPplan 4.91a that can allow an attacker to hijack administrator authentication to perform actions such as changing passwords and adding or deleting users, via unknown vectors. The affected software is IPplan (web admin interface), with the underlyin...

6.8CVSS7.3AI score0.00581EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder