16 matches found
CVE-2026-23752
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the template group creation and editing functionality that allows authenticated administrators to inject arbitrary JavaScript by manipulating the companyname POST parameter without HTML sanitization. Attackers can...
EUVD-2020-23365
Malware in sbrugna...
Medical Store Management System UpdateCompany.java File SQL Injection Vulnerability
Medical Store Management System is a pharmacy management system. The Medical Store Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter companyNameTxt in the file UpdateCompany.java. An...
Dairy Farm Shop Management System edit-company.php File SQL Injection Vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the edit-company.php parameter companyname...
Dairy Farm Shop Management System /add-company.php File SQL Injection Vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter companyname in the file...
PHPGurukul Dairy Farm Shop Management System Injection Vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter companyname in the file...
CVE-2020-35707
Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen...
PT-2023-12632 · Sourcecodester · Sourcecodester Royale Event Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Royale Event Management System version 1.0 Description: A problematic issue has been found in the system, affecting an unknown function of the file /royal event/companyprofile.php. The manipulation of the companyname, regno,...
CVE-2020-28961
Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component ./clients/client via the company name parameter...
Perfex Crm Cross-Site Scripting Vulnerability
Perfex Crm is customer relationship management software for managing clients and projects and creating invoices in the cloud. There is a security vulnerability in Perfex CRM that originates from the client side client via the company name parameter. No details of the vulnerability are provided at...
CVE-2020-35707
Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen...
Cross site scripting
Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen...
CVE-2020-35707
Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen...
Bottelet Daybyday Crm Cross-Site Scripting Vulnerability
Bottelet Daybyday Crm is a builder system for task, time, employee, and vacation management by Bottelet Personal Developers. A cross-site scripting vulnerability exists in Bottelet Daybyday Crm 2.1.0, which allows storing XSS via the company name parameter to a new client screen...
CVE-2020-5308
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php...
CVE-2020-5307
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in...