10 matches found
CVE-2025-70891
A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...
CVE-2025-70891
A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...
CVE-2025-70891
A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...
CVE-2025-70891
A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...
PT-2026-3115
Name of the Vulnerable Software and Affected Versions Phpgurukul Cyber Cafe Management System version 1.0 Description The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the /add-users.php API endpoint, leading to a stored cross-site...
EUVD-2026-2684
A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...
CVE-2023-3253
An improper authorization vulnerability exists where an authenticated, low privileged remote attacker could view a list of all the users available in the application...
PT-2023-23860 · Tenable · Nessus
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An improper authorization issue exists, allowing an authenticated, low-privileged remote attacker to view a list of all users available in the...
Tenable Network Security Nessus 安全漏洞
Tenable Network Security Nessus is an open source system vulnerability scanner from US-based Tenable Network Security. A security vulnerability exists in versions of Tenable Network Security Nessus prior to 10.6.0, which stems from an incorrect authorization vulnerability that allows an...
Directus Information Disclosure Vulnerability
Directus is a real-time Api and application dashboard. It is used to manage Sql database content. An information disclosure vulnerability exists in Directus version 8.x prior to version 8.8.1, which can be exploited by an attacker to view all users in the CMS using API user id...