267 matches found
CVE-2026-15498
CVE-2026-15498 affects the sergomanov SmartHomeAdatum product, specifically the Login component’s file users.php . The root cause is improper handling of the Login argument, which enables a SQL injection. The vulnerability is exploitable remotely over the network. No version details are provided ...
EUVD-2026-43220
A vulnerability was identified in sergomanov SmartHomeAdatum up to cf495353d81b680675eb8d9aa14a318aa45ce12c. This impacts an unknown function of the file users.php of the component Login. Such manipulation of the argument Login leads to sql injection. The attack may be launched remotely. This...
CVE-2026-11518
A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be carried out remotely...
PT-2026-47433
A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import users.php. The manipulation of the argument raw password wit...
CVE-2026-10236 SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization
A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be launched remotely...
CVE-2018-25397 PHP-SHOP 1.0 Cross-Site Request Forgery via users.php
PHP-SHOP 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to add administrative users by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that automatically submits POST...
CVE-2019-25682
CMSsite 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting crafted pages that submit POST requests to the users.php endpoint...
EUVD-2018-1855
Malware in sbrugna...
EUVD-2020-2886
Malware in sbrugna...
EUVD-2005-2323
Malware in sbrugna...
EUVD-2007-1544
Malware in sbrugna...
EUVD-2018-3563
Malware in sbrugna...
EUVD-2017-15600
Malware in sbrugna...
EUVD-2006-3313
Malware in sbrugna...
EUVD-2008-5411
Malware in sbrugna...
EUVD-2006-0829
Malware in sbrugna...
EUVD-2012-2230
Malware in sbrugna...
EUVD-2021-25787
Malware in sbrugna...
EUVD-2003-1337
Malware in sbrugna...
EUVD-2024-53609
Malicious code in bioql PyPI...