2 matches found
CVE-2006-2687
CVE-2006-2687 is a cross-site scripting (XSS) vulnerability in adduser.php of the PHP-AGTC Membership System, affecting version 1.1a and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the email address parameter (useremail). NVD metrics assign a medium base ...
CVE-2007-5752
CVE-2007-5752 affects the PHP-AGTC Membership System (AGTC-Membership) 1.1a. The vulnerability is in adduser.php, which does not require authentication, allowing remote attackers to create accounts via a modified form, demonstrated by an account with admin (userlevel 4) privileges. Documented imp...