CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

59 matches found

NVD•added 2023/07/10 4:15 p.m.•9 views

CVE-2023-3579

A vulnerability, which was classified as problematic, has been found in HadSky 7.11.8. Affected by this issue is some unknown functionality of the component User Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to t...

8.8CVSS5.7AI score0.00234EPSS

Exploits1References3

OSV•added 2023/07/10 4:15 p.m.•1 views

CVE-2023-3579

8.8CVSS4.9AI score0.00234EPSS

Exploits1References3

CVE•added 2023/07/10 11:31 a.m.•36 views

CVE-2023-3579

CVE-2023-3579 affects HadSky 7.11.8, specifically the User Handler component. The issue allows cross-site request forgery (CSRF) via an issue in a user-facing function; the attack is remote and exploits have been disclosed publicly. The connected sources consistently identify the vulnerability as...

8.8CVSS5.7AI score0.00234EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2023/07/10 11:31 a.m.•8 views

CVE-2023-3579 HadSky User cross-site request forgery

5CVSS6.8AI score0.00234EPSS

Exploits1References3

Cvelist•added 2023/07/10 11:31 a.m.•11 views

CVE-2023-3579 HadSky User cross-site request forgery

5CVSS8.8AI score0.00234EPSS

Exploits1References3

Positive Technologies•added 2023/07/10 12:0 a.m.•2 views

PT-2023-25406 · Sourcecodester · Sourcecodester Best Pos Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Fee Management System version 1.0 Description: A critical issue has been found, affecting the function save user of the file admin class.php in the component Add User Handler. This leads to improper access controls, allowi...

9.8CVSS7.4AI score0.00112EPSS

Exploits0References6

Positive Technologies•added 2023/07/10 12:0 a.m.•3 views

PT-2023-25315 · Hadsky · Hadsky

Name of the Vulnerable Software and Affected Versions: HadSky version 7.11.8 Description: A problematic issue has been found in the User Handler component, leading to cross-site request forgery. The manipulation can be launched remotely. Recommendations: For HadSky version 7.11.8, at the moment,...

8.8CVSS6.9AI score0.00234EPSS

Exploits1References4

CNNVD•added 2023/07/10 12:0 a.m.•3 views

HadSky 跨站请求伪造漏洞

HadSky is an original open source php light forum system from China's HadSky company. A cross-site request forgery vulnerability exists in HadSky version 7.11.8, which stems from the component User Handler that causes cross-site request forgery...

8.8CVSS5.5AI score0.00234EPSS

Exploits1References4

CNVD•added 2023/07/04 12:0 a.m.•12 views

IBOS OA SQL Injection Vulnerability

IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which originates from the lack of validation of the parameter id in the component Add User Handler against externally entered SQL statements, and can be exploited by an attacker to...

7.2CVSS8.3AI score0.00068EPSS

Exploits1References1

Prion•added 2023/06/30 12:15 p.m.•11 views

Sql injection

A vulnerability classified as critical was found in IBOS OA 4.5.5. Affected by this vulnerability is the function actionEdit of the file ?r=dashboard/roleadmin/edit&op=member of the component Add User Handler. The manipulation of the argument id leads to sql injection. The attack can be launched...

5.8CVSS7.2AI score0.00068EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2023/06/30 12:0 p.m.•9 views

CVE-2023-3478 IBOS OA Add User edit&op=member actionEdit sql injection

5.8CVSS7.2AI score0.00068EPSS

Exploits1References3

CNNVD•added 2023/06/30 12:0 a.m.•1 views

IBOS SQL注入漏洞

7.2CVSS8.2AI score0.00068EPSS

Exploits1References4

OSV•added 2022/10/17 12:15 p.m.•1 views

CVE-2022-3546

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last...

4.8CVSS3.8AI score0.00919EPSS

Exploits0References2

NVD•added 2022/10/17 12:15 p.m.•14 views

CVE-2022-3546

4.8CVSS0.00919EPSS

Exploits0References2

ATTACKERKB•added 2022/10/17 12:15 p.m.•1 views

CVE-2022-3546

4.8CVSS3.6AI score0.00919EPSS

Exploits0References3Affected Software1

Prion•added 2022/10/17 12:15 p.m.•16 views

Cross site scripting

4.3CVSS4.8AI score0.00919EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/10/17 12:0 a.m.•16 views

CVE-2022-3546 SourceCodester Simple Cold Storage Management System Create User cross site scripting

2.4CVSS5.1AI score0.00919EPSS

Exploits0References2

Positive Technologies•added 2022/10/17 12:0 a.m.•4 views

PT-2022-22834 · Sourcecodester · Sourcecodester Simple Cold Storage Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Cold Storage Management System version 1.0 Description: A vulnerability was found in the Create User Handler component of the SourceCodester Simple Cold Storage Management System. The issue affects some unknown...

4.8CVSS4.8AI score0.00919EPSS

Exploits0References5

Prion•added 2017/10/09 5:29 a.m.•9 views

Cross site scripting

IDenticard Two-Reader Controller Configuration Manager 1.18.8 396 is vulnerable to Stored Cross-Site Scripting XSS via the notes field in /userhandler?file=loggedin.shtm aka the edit user page...

3.5CVSS5.2AI score0.00206EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by