49 matches found
Campcodes Online Hospital Management System 1.0 - SQL Injection
Exploit Title: Campcodes Online Hospital Management System 1.0 - SQL Injection Google Dork: N/A Exploit Author: Carine Constantino Vendor Homepage: https://www.campcodes.com Software Link: https://www.campcodes.com/projects/online-hospital-management-system-using-php-and-mysql/ Version: 1.0 Teste...
CVE-2025-4553
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may...
CVE-2025-4074
A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/pass-bwdates-report.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack...
PT-2024-25883 · Sourcecodester · Sourcecodester Prison Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Prison Management System version 1.0 Description: A problematic vulnerability was found in the SourceCodester Prison Management System. This issue affects the file /Employee/apply leave.php, where the manipulation of the txtsta...
Cross site scripting
Wallos 0.9 is vulnerable to Cross Site Scripting XSS in all text-based input fields without proper validation, excluding those requiring specific formats like date fields...
CVE-2024-22776
Wallos 0.9 is vulnerable to Cross Site Scripting XSS in all text-based input fields without proper validation, excluding those requiring specific formats like date fields...
USN-6553-1 pydantic vulnerability
Nina Jensen discovered that Pydantic incorrectly handled user input in the date and datetime fields. An attacker could possibly use this issue to cause a denial of service via application crash. CVE-2021-29510...
Ubuntu 20.04 ESM : Pydantic vulnerability (USN-6553-1)
The remote Ubuntu 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-6553-1 advisory. Nina Jensen discovered that Pydantic incorrectly handled user input in the date and datetime fields. An attacker could possibly use this issue to cause a denial o...
GHSA-X9XJ-PQMV-8JF7 Cross-site Scripting (XSS) in pimcore via DataObject Class date fields
Impact This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches Update to version 10.5.21 or apply this patch manually...
Cross-site Scripting (XSS) in pimcore via DataObject Class date fields
Impact This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches Update to version 10.5.21 or apply this patch manually...
CVE-2022-26348
Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded in...
Sql injection
Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded in...
Debian: Security Advisory (DLA-2897-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-42121
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on an object’s date attributes allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which leads t...
CVE-2021-42121
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on an object’s date attributes allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which leads t...
Input validation
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on an object’s date attributes allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which...
CVE-2021-42121 Denial of Service via Invalid Date Format in TopEase
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 on an object’s date attributes allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which leads t...
The vulnerability of Pydantic’s date fields in data analysis and verification processes, related to executing a loop with an unavailable exit condition, allows attackers to cause service failures.
The vulnerability of the date field in Pydantic’s data analysis and verification mechanisms is related to the incorrect handling of data types like infinity, inf, and float'inf' within the date field. Exploiting this vulnerability can allow an attacker to cause service failures...
PYSEC-2021-47
Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either 'infinity', 'inf' or float'inf' or their negatives to datetime or date fields causes validation to run forever with 100% CPU usage on one CPU. Pydantic has been patched with fixes...
CVE-2021-29510
Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either 'infinity', 'inf' or float'inf' or their negatives to datetime or date fields causes validation to run forever with 100% CPU usage on one CPU. Pydantic has been patched with fixes...