7 matches found
EUVD-2011-0563
Malware in sbrugna...
Sourcecodester Baby Care System SQL Injection Vulnerability (CNVD-2022-35520)
Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 is vulnerable to SQL injection, which originates from /admin/uesrs.php&action=type&userrole=User&userid= in the userid parameter missing validation of...
Sql injection
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=User&userid=...
CVE-2022-28437
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3...
HackerOne: Team Member███ associated with a Custom Group Created with 'Program Management' only permissions can Comment on Bug Reports
Hi Team, Legend ====== AppSecBounty = Bug ProgramSandbox Program Hacker1001 = Bug Reporter BugAdmin = Program Admin BugMember = Team Member associated ProgramManagement Group ProgramManagement Group = Custom Group created with "Program Management Permission" Steps: 1. Hacker1001 reports a Bug to...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole...
CVE-2011-0545
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole...