106 matches found
WSO2 User Registration - Arbitrary Account Creation
The SOAP admin service in WSO2 products has a security vulnerability that allows the creation of new user accounts regardless of the self-registration configuration settings. id: CVE-2024-7097 info: name: WSO2 User Registration - Arbitrary Account Creation author: iamnoooob,rootxharsh,pdresearch...
CVE-2026-3640 STRABL <= 4.5 - Unauthenticated Arbitrary Webhook Creation via REST API Endpoint
The STRABL – A checkout solution plugin for WordPress is vulnerable to Missing Authentication in all versions up to and including 4.5. The plugin registers a REST API webhook endpoint at /wp-json/strabl/webhook/order with a permissioncallback of returntrue, which allows all incoming requests...
PT-2026-29952
Fleet's user account creation via invite does not enforce invited email address in github.com/fleetdm/fleet...
CVE-2009-4787
Multiple cross-site request forgery CSRF vulnerabilities in Pligg before 1.0.3 allow remote attackers to hijack the authentication of administrators for requests that create user accounts or have unspecified other impact...
CVE-2025-57244
OpenKM Community Edition 6.3.12 is vulnerable to stored cross-site scripting XSS in the user account creation interface. The Name field accepts script tags and the Email field is vulnerable when the POST request is modified to include encoded script tags, by passing frontend validation...
CVE-2023-7325 Mingyu Operations and Maintenance Audit and Risk Control System xmlrpc.sock SSRF
Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery SSRF vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix...
CVE-2023-7325
CVE-2023-7325 affects Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10. The vulnerability is a server-side request forgery (SSRF) in the xmlrpc.sock handler that accepts crafted XML-RPC requests to reach internal unix socket RPC endpoints and execute privileg...
EUVD-2017-9517
Malware in sbrugna...
EUVD-2017-16212
Malware in sbrugna...
EUVD-2017-1253
Malware in sbrugna...
EUVD-2017-18450
Malware in sbrugna...
EUVD-2012-2588
Malware in sbrugna...
EUVD-2008-1970
Malware in sbrugna...
EUVD-2018-10177
Malware in sbrugna...
EUVD-2018-9952
Malware in sbrugna...
EUVD-2015-4606
Malware in sbrugna...
EUVD-2020-27017
Malware in sbrugna...
EUVD-2014-8977
Malware in sbrugna...
EUVD-2006-0112
Malware in sbrugna...
EUVD-2008-0401
Malware in sbrugna...