22 matches found
WordPress EM Cost Calculator plugin <= 2.3.1 - Unauthenticated Stored Cross-Site Scripting via 'customer_name' vulnerability
Unauthenticated Stored Cross-Site Scripting via 'customername' vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Cost Calculator Pro versions = 2.3.1...
CVE-2025-40640
Stored Cross-Site Scripting XSS vulnerability in Energy CRM v2025 by Status Tracker Ltd, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request to “/crm/createinvoicesubmit.php”, using the “customerName0” parameter. This vulnerability could allow a...
EUVD-2025-33689
Stored Cross-Site Scripting XSS vulnerability in Energy CRM v2025 by Status Tracker Ltd, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request to “/crm/createinvoicesubmit.php”, using the “customerName0” parameter. This vulnerability could allow a...
EUVD-2021-24024
Malware in sbrugna...
EUVD-2020-23595
Malware in sbrugna...
EUVD-2025-32142
Malicious code in bioql PyPI...
EUVD-2023-37573
Malicious code in bioql PyPI...
CVE-2025-61087
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS via the Customer Name field under Customer Management Section...
CVE-2025-61087
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS via the Customer Name field under Customer Management Section...
PT-2025-40397
Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description The software is susceptible to Cross Site Scripting XSS attacks. The issue is located in the Customer Name field within the Customer Management Section. Input provided...
CVE-2025-61087
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS via the Customer Name field under Customer Management Section...
CVE-2021-37459
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the customer name field stored...
CVE-2020-36012
Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field...
Warehouse Management System 跨站脚本漏洞
Warehouse Management System is a warehouse management system developed by Carlo Montero. A cross-site scripting vulnerability exists in Warehouse Management System version 1.0, which stems from the parameter namacustomer/alamatcustomer/notelpcustomer in the file customer.php and results in...
PT-2023-30982 · Unknown · Appointment Scheduler
Name of the Vulnerable Software and Affected Versions: Appointment Scheduler version 3.0 Description: The issue concerns Multiple Stored Cross-Site Scripting XSS problems. These issues can be exploited via several parameters, including name, plugin sms api key, plugin sms country code, calendar i...
CVE-2023-33410
Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on the Customer Name field in the Accounting module that is used to construct a CSV file...
CVE-2021-37459
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the customer name field stored...
Cross site scripting
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the customer name field stored...
CVE-2020-36012
Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field...
Cross site scripting
Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field...