An unauthenticated administrative access vulnerability exists in the open-source HashTech project (https://github.com/henzljw/hashtech) 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 (2021-0
A vulnerability was found in code-projects Admin Dashboard 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /vendor_management.php. The manipulation of the
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator
A vulnerability was found in LakshayD02 Hostel-Management-System-PHP up to f87e67c283bab6f718faf2fec6ae39a13bd7036b. This issue affects some unknown processing of the file hostel/index.php of the comp
phpMyFAQ before 4.1.2 contains an authorization bypass vulnerability in AbstractAdministrationController::userHasPermission() that fails to terminate execution after sending a forbidden response. Atta
UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers to create administrative accounts through the UserController endpoint. Attackers can send a crafted PO
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted PO
A vulnerability has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected is an unknown function of the file d
A vulnerability was identified in ealpha072 Student-Management-System up to 01451bd7a2f58cdda07bd0b86e3967582e3ecd08. Affected by this issue is some unknown functionality of the file admin/config.php
A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the compo
A vulnerability was determined in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /admin_pic.php. Executing a manipulation can lead to unr
Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a valid session ID with administrator privileges by spoofing the login request, potentially allowing the
A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to s
Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active session credentials.
D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requ
Missing Authorization vulnerability in HashThemes Square allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square: from n/a through 2.0.0.
A vulnerability has been found in PHPGurukul Taxi Stand Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile
Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to perform unauthorized administrative operation
Page 1+ Next →