CVE-2020-37235

WordPress Theme Wibar 1.1.8 contains a stored cross-site scripting vulnerability in the Brand component that allows authenticated users to inject malicious scripts by manipulating the Logo URL parameter. Attackers with editor, administrator, contributor, or author privileges can inject...

EUVD-2020-31237

WordPress Theme Wibar 1.1.8 contains a stored cross-site scripting vulnerability in the Brand component that allows authenticated users to inject malicious scripts by manipulating the Logo URL parameter. Attackers with editor, administrator, contributor, or author privileges can inject...

CVE-2020-37235

CVE-2020-37235 concerns WordPress Theme Wibar 1.1.8, where a stored XSS flaw exists in the Brand component. The vulnerability allows authenticated users with editor/administrator/contributor/author roles to inject base64-encoded script payloads via the ftc_brand_url input field, resulting in arbi...

EUVD-2025-33872

A security flaw has been discovered in SourceCodester Simple Inventory System 1.0. This issue affects some unknown processing of the file /brand.php. The manipulation of the argument editBrandName results in sql injection. The attack can be executed remotely. The exploit has been released to the...

CVE-2025-11610

A security flaw has been discovered in SourceCodester Simple Inventory System 1.0. This issue affects some unknown processing of the file /brand.php. The manipulation of the argument editBrandName results in sql injection. The attack can be executed remotely. The exploit has been released to the...

CVE-2025-44180

Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting XSS in /edit-brand.php?bid=brandId...

PHPGurukul Vehicle Record Management System 安全漏洞

Vehicle Record Management System is a vehicle record management system. Vehicle Record Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in /edit-brand.php, which can be exploited by an attacker t...

CVE-2025-44180

Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting XSS in /edit-brand.php?bid=brandId...

CVE-2025-44180

CVE-2025-44180 affects Phpgurukul Vehicle Record Management System v1.0. Affected component: /edit-brand.php (bid parameter). Root cause: inadequate input filtering/escaping of user-supplied data, enabling Cross-Site Scripting (XSS). Impact: potential execution of arbitrary web script in the cont...

CVE-2024-4798

A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /admin/maintenance/managebrand.php. The manipulation of the argument id leads to sql injection. The attack may...

CVE-2023-1988

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/?page=maintenance/brand. The manipulation of the argument Brand Name leads to cross site scripting. The attack ma...

Online Computer and Laptop Store SQL注入漏洞

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter id of the fi...

CVE-2022-46126

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/brands/managebrand.php?id=...

isnap.com XSS vulnerability

Vulnerable URL: http://www.isnap.com/desktop/brand.php?id=452'"--!...