16 matches found

RedhatCVE
added 2026/06/05 7:36 p.m. · 13 views

CVE-2026-23752

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the template group creation and editing functionality that allows authenticated administrators to inject arbitrary JavaScript by manipulating the companyname POST parameter without HTML sanitization. Attackers can...

CVSS 4.8 · AI score 5.5 · EPSS 0.00151
Exploits 0 · References 1

EUVD
added 2025/10/07 12:30 a.m. · 6 views

EUVD-2020-23365

Malware in sbrugna...

CVSS 5.4 · AI score 5.6 · EPSS 0.00595
Exploits 1 · References 3

CNVD
added 2025/08/20 12:0 a.m. · 3 views

Medical Store Management System UpdateCompany.java File SQL Injection Vulnerability

Medical Store Management System is a pharmacy management system. The Medical Store Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter companyNameTxt in the file UpdateCompany.java. An...

CVSS 8.8 · AI score 8.3 · EPSS 0.00352
Exploits 1 · References 1

CNVD
added 2025/07/21 12:0 a.m. · 2 views

Dairy Farm Shop Management System edit-company.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the edit-company.php parameter companyname...

CVSS 8.8 · AI score 7.1 · EPSS 0.00318
Exploits 1 · References 1

CNVD
added 2025/06/11 12:0 a.m. · 2 views

Dairy Farm Shop Management System /add-company.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter companyname in the file...

CVSS 9.8 · AI score 7.9 · EPSS 0.00498
Exploits 1 · References 1

CNNVD
added 2025/06/04 12:0 a.m. · 2 views

PHPGurukul Dairy Farm Shop Management System Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter companyname in the file...

CVSS 9.8 · AI score 8.2 · EPSS 0.00498
Exploits 1 · References 5

RedhatCVE
added 2025/05/22 5:10 p.m. · 9 views

CVE-2020-35707

Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen...

CVSS 5.4 · AI score 5.6 · EPSS 0.00595
Exploits 1

Positive Technologies
added 2023/01/07 12:0 a.m. · 3 views

PT-2023-12632 · Sourcecodester · Sourcecodester Royale Event Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Royale Event Management System version 1.0 Description: A problematic issue has been found in the system, affecting an unknown function of the file /royal event/companyprofile.php. The manipulation of the companyname, regno,...

CVSS 6.1 · AI score 4.7 · EPSS 0.00657
Exploits 0 · References 6

OSV
added 2021/10/22 8:15 p.m. · 2 views

CVE-2020-28961

Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component ./clients/client via the company name parameter...

CVSS 5.4 · AI score 6 · EPSS 0.00562
Exploits 1 · References 1

CNNVD
added 2021/10/22 12:0 a.m. · 4 views

Perfex Crm Cross-Site Scripting Vulnerability

Perfex Crm is customer relationship management software for managing clients, projects and creating invoices in the cloud. There is a security vulnerability in Perfex CRM that originates from the client side client via the company name parameter. No details of the vulnerability are provided at...

CVSS 5.4 · AI score 5.5 · EPSS 0.00562
Exploits 1 · References 2

NVD
added 2020/12/25 6:15 a.m. · 20 views

CVE-2020-35707

Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen...

CVSS 5.4 · AI score 5.3 · EPSS 0.00595
Exploits 1 · References 2

Prion
added 2020/12/25 6:15 a.m. · 19 views

Cross site scripting

Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen...

CVSS 3.5 · AI score 5.1 · EPSS 0.00595
Exploits 1 · References 2 · Affected Software 1

Cvelist
added 2020/12/25 5:24 a.m. · 22 views

CVE-2020-35707

Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen...

AI score 5.3 · EPSS 0.00595
Exploits 1 · References 2

CNNVD
added 2020/12/25 12:0 a.m. · 7 views

Bottelet Daybyday Crm Cross-Site Scripting Vulnerability

Bottelet Daybyday Crm is a builder system for task, time, employee, and vacation management by Bottelet Personal Developers. A cross-site scripting vulnerability exists in Bottelet Daybyday Crm 2.1.0, which allows stored XSS via the company name parameter to the New Client screen...

CVSS 5.4 · AI score 5.9 · EPSS 0.00595
Exploits 1 · References 3

OSV
added 2020/01/09 1:15 p.m. · 5 views

CVE-2020-5308

PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php...

CVSS 6.1 · AI score 6.8 · EPSS 0.15652
Exploits 3 · References 3

OSV
added 2020/01/07 7:15 p.m. · 3 views

CVE-2020-5307

PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in...

CVSS 9.8 · AI score 6.8 · EPSS 0.15652
Exploits 1 · References 2