Lucene search

16 matches found

RedhatCVE
added 2025/09/24 12:32 p.m. | 3 views

CVE-2025-10798

A vulnerability was identified in code-projects Hostel Management System 1.0. Impacted is an unknown function of the file /justines/admin/modroomtype/index.php?view=view. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly...

CVSS 9.8 | AI score 7.1 | EPSS 0.00046
Exploits: 1 | References: 1
Vulnrichment
added 2025/09/22 12:32 p.m. | 2 views

CVE-2025-10798 code-projects Hostel Management System index.php sql injection

A vulnerability was identified in code-projects Hostel Management System 1.0. Impacted is an unknown function of the file /justines/admin/modroomtype/index.php?view=view. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly...

CVSS 7.5 | AI score 6.8 | EPSS 0.00046
Exploits: 1 | References: 5
CVE
added 2025/09/22 12:32 p.m. | 8 views

CVE-2025-10798

Code-projects Hostel Management System 1.0 is affected by a SQL injection in /justines/admin/mod_roomtype/index.php?view=view, caused by unsanitized input in the ID parameter. Several sources (NVD, Red Hat, CNVD, CVE lists) confirm remote exploitation with publicly available exploit code, implyin...

CVSS 9.8 | AI score 6.8 | EPSS 0.00046
Exploits: 1 | References: 5 | Affected Software: 1
RedhatCVE
added 2025/05/22 8:11 a.m. | 5 views

CVE-2019-10798

rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resulting in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...

CVSS 5.3 | AI score 6.9 | EPSS 0.00344
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/22 2:39 a.m. | 6 views

CVE-2018-10798

A hang issue was discovered in Brave before 0.14.0 on, for example, Linux. The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an interval of 1 second...

CVSS 6.5 | AI score 7 | EPSS 0.00238
Exploits: 1 | References: 1
Cvelist
added 2024/11/28 9:47 a.m. | 18 views

CVE-2024-10798 Royal Elementor Addons and Templates <= 1.7.1003 - Authenticated (Contributor+) Post Disclosure

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1003 via the 'wpr-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers,...

CVSS 4.3 | EPSS 0.00114
Exploits: 0 | References: 2
Patchstack
added 2024/11/27 12:00 a.m. | 15 views

WordPress Royal Elementor Addons Plugin <= 1.7.1003 is vulnerable to Broken Access Control

Software: Royal Elementor Addons; Type: Plugin; Vulnerable versions: = 1.7.1003; Fixed in: 1.7.1004; OWASP Top 10: A7: Identification and Authentication Failures; Classification: Broken Access Control; CVE: CVE-2024-10798; Patch priority: Low; CVSS severity: Low 4.3; Developer: WProyal; PSID: d20124b7cf36; Credits...

AI score 6.9 | EPSS 0.00114
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2020/02/24 5:37 p.m. | 15 views

CVE-2019-10798

rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resulting in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...

AI score 5.3 | EPSS 0.00344
Exploits: 1 | References: 2
CVE
added 2020/02/24 5:37 p.m. | 45 views

CVE-2019-10798

CVE-2019-10798 concerns prototype pollution in the JavaScript graph library rdf-graph-array (affected up to 0.3.0-rc6). The issue arises from rdf.Graph.prototype.add being able to inject/modify properties on Object.prototype. Public sources (NVD/Red Hat/Snyk/Veracode, etc.) describe this as a pro...

CVSS 5.3 | AI score 5.3 | EPSS 0.00344
Exploits: 1 | References: 2 | Affected Software: 1
vulnersOsv
added 2020/02/21 10:15 a.m. | 2 views

@rdfoo/rdf-parser-n3 (>=0.3.0 <=0.4.0), arca-ontodia (>=0.9.36 <=0.9.47) +63 more potentially affected by CVE-2019-10798 via rdf-graph-array (=0.3.0)

rdf-graph-array NPM version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on rdf-graph-array and may be impacted: - @rdfoo/rdf-parser-n3 =0.3.0, =0.9.36, =0.3.0, =0.0.2, =1.0.0, =0.1.1, =0.1.0, =1.0.0, =0.0.1-alpha.1, =0.1.0, =0.1.0, =0.5.0 and...

CVSS 5.3 | AI score 6 | EPSS 0.00344
Exploits: 1
CVE
added 2019/08/07 12:20 p.m. | 43 views

CVE-2016-10798

The CVE-2016-10798 entry applies to cPanel before 58.0.4, where the rearrangeacct functionality can change file ownership to the user account “nobody.” The issue is documented across multiple connected sources (Red Hat advisory, NVD entry, CNVD, PRION, CVE listings) and is tied to improper handli...

CVSS 6.8 | AI score 6.6 | EPSS 0.00233
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2018/05/08 4:29 a.m. | 1 view

CVE-2018-10798

A hang issue was discovered in Brave before 0.14.0 on, for example, Linux. The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an interval of 1 second...

CVSS 6.5 | AI score 5.8
Exploits: 0 | References: 1
CVE
added 2018/05/07 2:00 p.m. | 39 views

CVE-2018-10798

CVE-2018-10798 affects Brave

CVSS 6.5 | AI score 6.5 | EPSS 0.00238
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2018/05/07 2:00 p.m. | 14 views

CVE-2018-10798

A hang issue was discovered in Brave before 0.14.0 on, for example, Linux. The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an interval of 1 second...

AI score 6.5 | EPSS 0.00238
Exploits: 1 | References: 1
0day.today
added 2017/07/13 12:00 a.m. | 22 views

ObjectPlanet Opinio 7.6.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications. Vendor: ObjectPlanet; Product: Opinio; Version: Up to 7.6.3 inclusive; Homepage: http://www.objectplanet.com/opinio/; CVE: CVE-2017-10798. Description: Reflected XSS vulnerability in ObjectPlanet Opinio up to version 7.6.3...

CVSS 4.3 | AI score 6.5 | EPSS 0.00301
Exploits: 2
CVE
added 2017/07/03 3:00 a.m. | 51 views

CVE-2017-10798

ObjectPlanet Opinio is vulnerable to a reflected XSS in versions up to 7.6.3, fixed in 7.6.4. The issue affects the /admin/reportPortal.do page via the userLanguage GET parameter, exploitable by remote unauthenticated users. Proof-of-concept shows a crafted input can trigger script execution; upgrad...

CVSS 6.1 | AI score 6.3 | EPSS 0.00301
Exploits: 2 | References: 1 | Affected Software: 1