40 matches found
EUVD-2019-16066
Malware in sbrugna...
EUVD-2025-18733
Malicious code in bioql PyPI...
EUVD-2023-1990
Malicious code in bioql PyPI...
jshERP 安全漏洞
jshERP Huaxia ERP is a homegrown ERP system by the individual developer of Ji Shenghua in China. A security vulnerability exists in jshERP 3.5 and earlier versions, which stems from improper authorization due to incorrect manipulation of the parameter ID in the file /user/delete...
CVE-2025-6329
A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file userdelete.php of the component User Delete Handler. The manipulation of the argument ID leads to authorization bypass. The attack m...
Real Estate Management System 安全漏洞
Real Estate Management System is an open source real estate management system from Itsourcecode. A security vulnerability exists in Real Estate Management System version 1.0, which results from an authorization bypass due to incorrect manipulation of the parameter ID in the file userdelete.php...
CVE-2023-23550
An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...
PT-2023-19033 · Milesight · Milesight Ur32L
Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: An OS command injection issue exists in the ys thirdparty user delete functionality. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests t...
CVE-2022-0985
Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability...
Cups Easy 1.0 - Cross Site Request Forgery (Password Reset) Vulnerability
Exploit for php platform in category web applications Title: Cups Easy 1.0 - Cross Site Request Forgery Password Reset Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/ajayshar76/profile/ Software Link: https://sourceforge.net/projects/cupseasy/files/cupseasylive-1.0/ Versio...
Cups Easy 1.0 - Cross Site Request Forgery (Password Reset)
Title: Cups Easy 1.0 - Cross Site Request Forgery Password Reset Date: 2020-01-28 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/ajayshar76/profile/ Software Link: https://sourceforge.net/projects/cupseasy/files/cupseasylive-1.0/ Version: 1.0 Tested on Windows 10/Kali...
CVE-2019-6507
An issue was discovered in creditease-sec insight through 2018-09-11. loginuserdelete in srcpm/app/admin/views.py allows CSRF...
Cross site request forgery (csrf)
An issue was discovered in creditease-sec insight through 2018-09-11. userdelete in srcpm/app/admin/views.py allows CSRF...
Quest DR Series Disk Backup Software Command Injection Vulnerability (CNVD-2018-15867)
The Quest DR Series are disk storage and deduplication appliances. A command injection vulnerability exists in the "user delete" method in Quest DR Series Disk Backup Software versions prior to 4.0.3.1. The vulnerability can be exploited to execute system commands via the 'user' parameter...
SQL Injection Vulnerability in zzcms 8.2 user/del.php File
zzcms is an enterprise website builder program It is an enterprise website builder program. zzcms 8.2 version user/del.php file SQL injection vulnerability, attackers can exploit the vulnerability to access or modify the database data...
SQL Injection Vulnerability in zzcms user/del.php
ZZCMS highlights the investment and supply and demand functions, you can quickly build a product investment website. SQL injection vulnerability exists in zzcms product version, the trigger point of the vulnerability is in user/del.php, the attacker can use the vulnerability to obtain sensitive...
Food Order Portal - admin_user_delete.php Cross-Site Request Forgery
Food Order Portal - adminuserdelete.php Cross-Site Request Forgery source: https://www.securityfocus.com/bid/69787/info Food Order Portal is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the...
CVE-2011-5068
Multiple cross-site request forgery CSRF vulnerabilities in Support Incident Tracker aka SiT! 3.65 allow remote attackers to hijack the authentication of user for requests that delete a user via userdelete.php and other unspecified programs...
CVE-2009-1733
Cross-site request forgery CSRF vulnerability in IPplan 4.91a allows remote attackers to hijack the authentication of administrators for requests that 1 change the password, 2 add users, or 3 delete users via unknown vectors...
CVE-2009-1733
CVE-2009-1733 describes a CSRF vulnerability in IPplan 4.91a that can allow an attacker to hijack administrator authentication to perform actions such as changing passwords and adding or deleting users, via unknown vectors. The affected software is IPplan (web admin interface), with the underlyin...