CVE-2023-3542 ThinuTech ThinuCMS contact.php cross site scripting

A vulnerability was found in ThinuTech ThinuCMS 1.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /contact.php. The manipulation of the argument name/body leads to cross site scripting. The attack may be launched remotely. VDB-233294 is the...

PT-2023-25215 · Thinutech · Thinucms

Name of the Vulnerable Software and Affected Versions: ThinuTech ThinuCMS version 1.5 Description: A vulnerability was found in ThinuTech ThinuCMS, affecting some unknown functionality of the file /contact.php. The manipulation of the name and body arguments leads to cross-site scripting. The...

Stored Cross-Site Scripting (XSS)

phpmyfaq is vulnerable to Stored Cross-Site Scripting XSS attacks. The library does not properly convert user inputs to HTML entities in the privacyURL of phpmyfaq/contact.php before it output to the front end, allowing an attacker to inject and execute malicious content via infected hyperlinks...

CVE-2022-24646

Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters...

Sql injection

Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters...

CVE-2022-24646

Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/contact.php via the txtMsg parameters...

PHPGurukul Hospital Management System Cross-Site Scripting Vulnerability (CNVD-2021-68754)

PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. PHPGurukul Hospital Management System is vulnerable to cross-site scripting, which can be exploited by attackers to execute js code via contact.php...

CVE-2021-38757

Persistent cross-site scripting XSS in Hospital Management System targeted towards web admin through contact.php...

Cross site scripting

Persistent cross-site scripting XSS in Hospital Management System targeted towards web admin through contact.php...

CVE-2021-38757

CVE-2021-38757 is a reported persistent cross-site scripting (XSS) vulnerability in a Hospital Management System (often referenced as PHPGurukul/Hospital Management System). The public descriptions consistently state that the XSS is targeted at the web admin via the contact.php endpoint. Exploit ...

CVE-2021-38757

Persistent cross-site scripting XSS in Hospital Management System targeted towards web admin through contact.php...

Hospital Management System 跨站脚本漏洞

PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. PHPGurukul Hospital Management System is vulnerable to cross-site scripting, which can be exploited by attackers to execute js code via contact.php...

CVE-2021-38757

Persistent cross-site scripting XSS in Hospital Management System targeted towards web admin through contact.php. Recent assessments: nu11secur1ty at August 17, 2021 2:20pm UTC reported: XSS-Stored PHPSESSID user PWNED on Hospital Management System Vulnerable parameter “txtMsg” on contact...

Mara CMS 7.5 - Reflective Cross-Site Scripting

Exploit Title: Mara CMS 7.5 - Reflective Cross-Site Scripting Google Dork: NA Date: 2020-08-01 Exploit Author: George Tsimpidas Vendor Homepage: https://sourceforge.net/projects/maracms/ Software Link: https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download Version: 7.5 Tested on:...

CVE-2020-24223

Mara CMS 7.5 allows cross-site scripting XSS in contact.php via the theme or pagetheme parameters...

Cross site scripting

Mara CMS 7.5 allows cross-site scripting XSS in contact.php via the theme or pagetheme parameters...

CVE-2020-24223

Mara CMS 7.5 allows cross-site scripting XSS in contact.php via the theme or pagetheme parameters...

CVE-2020-24223

Mara CMS 7.5 is affected by a reflected XSS in contact.php via the theme or pagetheme parameters (root cause: improper sanitization of these inputs). The Nuclei template and multiple sources describe exploitation resulting in arbitrary JavaScript execution in the victim’s browser, with potential ...

Seabreeze Consulting Cross Site Scripting

Exploit Title: Seabreezeconsulting v1 XSS vulnerability Google Dork:"by Seabreeze Consulting" +inurl:/contact.php Date: 2020-04-03 Exploit Author: @ThelastVvV Vendor Homepage: www.seabreezeconsulting.com Version: 1 Tested on: 5.4.0-4parrot1-amd6...

Cross-site Scripting (XSS)

weison-tech/yii2-rbac is vulnerable to cross-site scripting XSS. The attack is possible because it does not sanitize a name filed to /contact.html via protected\core\modules\home\models\Contact.php , allowing an attacker to inject arbitrary script through it...