321 matches found
CVE-2024-30990
CVE-2024-30990 describes a SQL injection in the Invoices page of the phpgurukul Client Management System (PHP & MySQL, v1.1). The vulnerability allows an attacker to execute arbitrary SQL commands through the searchdata parameter. The Red Hat and CNNVD entries corroborate the same issue, with the...
Client Management System 跨站脚本漏洞
PHPGurukul Client Management System is a client management system from the US-based PHPGurukul, Inc. Phpgurukul Client Management System suffers from a cross-site scripting vulnerability that originates from cross-site scripting contained in search-invoices.php, which allows an attacker to execut...
PT-2024-23709 · Unknown · Phpgurukul Complaint Management System
Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows attackers to execute arbitrary code and obtain sensitive information via the "Search bar" in the /search-invoices.php endpoint. This is a Cross Site Scripting...
PT-2024-23710 · Unknown · Phpgurukul Complaint Management System
Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System using PHP & MySQL version 1.1 Description: The issue allows attackers to execute arbitrary code via the cname, comname, state, and city parameters in the "/edit-client-details.php" endpoint. This enables...
CVE-2024-30989
Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter...
CVE-2024-30986
Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter...
HCL Technologies BigFix Mobile/Modern Client Management Cross-Site Scripting Vulnerability
HCL Technologies BigFix Mobile/Modern Client Management is a mobile device management software client from HCL Technologies. A security vulnerability exists in HCL Technologies BigFix Mobile/Modern Client Management v3.1 and prior versions, which stems from a stored cross-site scripting XSS...
Rockwell Automation ThinManager Path Traversal Vulnerability (CNVD-2023-64278)
Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, Inc. It allows thin clients to be assigned to multiple remote desktop servers simultaneously. A path traversal vulnerability exists in Rockwell Automation Thinmanager Thinserver, which stems from the...
CVE-2021-27782
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts...
Code injection
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts...
HCL Technologies BigFix Mobile/Modern Client Management 安全漏洞
HCL Technologies BigFix Mobile/Modern Client Management is a mobile device management software client from HCL Technologies. A security vulnerability exists in HCL BigFix Mobile/Modern Client Management, which arises from a brute-force cracking of passwords in the configuration interface...
CVE-2021-27782 HCL BigFix Mobile / Modern Client Management Server passwords are susceptible to a brute-force attack
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts...
CVE-2021-27782 HCL BigFix Mobile / Modern Client Management Server passwords are susceptible to a brute-force attack
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts...
CVE-2021-27782
CVE-2021-27782 affects HCL BigFix Mobile / Modern Client Management Admin and Config UI. The issue allows brute-forcing of passwords in the configuration interfaces, with recommended user lockout after multiple invalid attempts. Connected sources confirm this behavior but do not consistently spec...
CVE-2021-43657
A Stored Cross-site scripting XSS vulnerability via MAster.php in Sourcecodetester Simple Client Management System SCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields...
CVE-2021-43657
A Stored Cross-site scripting XSS vulnerability via MAster.php in Sourcecodetester Simple Client Management System SCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields...
Simple Client Management System 跨站脚本漏洞
Simple Client Management System is a Simple Client Management System by Carlo Montero Personal Developer. A security vulnerability exists in Simple Client Management System SCMS version 1.0, which stems from a stored cross-site scripting XSS vulnerability that could allow a remote attacker to...
PT-2022-11879 · Unknown · Sourcecodester Simple Client Management System
Name of the Vulnerable Software and Affected Versions: Sourcecodetester Simple Client Management System SCMS version 1.0 Description: A Stored Cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via vulnerable input fields in the MAster.php file. This...
CVE-2022-46125
Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=client/manageclient&id=...
Helmet Store Showroom Site SQL注入漏洞
Helmet Store Showroom Site is a platform by Carlo Montero Personal Developer. It allows potential customers of Inquiries Stores to virtually display helmet products. A security vulnerability exists in Helmet Store Showroom Site v1.1, which stems from an SQL injection vulnerability via...