11 matches found
CVE-2026-30557
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcategory.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...
CVE-2018-25207 Online Quiz Maker 1.0 SQL Injection via catid Parameter
Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POST requests to quiz-system.php or add-category.php with crafted SQL payloads in POST parameters to...
CVE-2026-3135
A weakness has been identified in itsourcecode News Portal Project 1.0. The impacted element is an unknown function of the file /admin/add-category.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been made...
EUVD-2025-2012
Malicious code in bioql PyPI...
CVE-2023-0945
A vulnerability, which was classified as problematic, was found in SourceCodester Best POS Management System 1.0. Affected is an unknown function of the file index.php?page=add-category. The manipulation of the argument Name with the input " leads to cross site scripting. It is possible to launch...
CVE-2025-1114
A vulnerability classified as problematic has been found in newbee-mall 1.0. Affected is the function save of the file /admin/categories/save of the component Add Category Page. The manipulation of the argument categoryName leads to cross site scripting. It is possible to launch the attack...
CVE-2025-1114
A vulnerability classified as problematic has been found in newbee-mall 1.0. Affected is the function save of the file /admin/categories/save of the component Add Category Page. The manipulation of the argument categoryName leads to cross site scripting. It is possible to launch the attack...
CVE-2025-1114 newbee-mall Add Category Page save cross site scripting
A vulnerability classified as problematic has been found in newbee-mall 1.0. Affected is the function save of the file /admin/categories/save of the component Add Category Page. The manipulation of the argument categoryName leads to cross site scripting. It is possible to launch the attack...
CVE-2025-1114
CVE-2025-1114 affects newbee-mall 1.0. The vulnerability resides in the Save function of /admin/categories/save (Add Category Page). Manipulating the categoryName parameter triggers cross-site scripting. The issue is exploitable remotely and the public exploit is available per the description. Th...
newbee-mall 代码注入漏洞
newbee-mall is a newbee open source e-commerce system . Newbee-mall 1.0 version of the code injection vulnerability exists , the vulnerability stems from the component Add Category Page file /admin/categories/save function save the parameter categoryName will lead to cross-site scripting attacks...
PT-2020-18397 · Phpgurukul · Phpgurukul Dairy Farm Shop Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Dairy Farm Shop Management System version 1.0 Description: The issue allows for XSS attacks, as demonstrated by the category and CategoryCode parameters in "add-category.php", the CompanyName parameter in "add-company.php", and the...