21 matches found
EUVD-2020-14206
Malware in sbrugna...
EUVD-2024-52738
Malicious code in bioql PyPI...
CVE-2022-39978
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2020-21434
Maccms 10 contains a cross-site scripting XSS vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field...
CVE-2024-57498
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...
CVE-2024-57498
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...
CVE-2024-57498
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function...
CVE-2022-39977
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2022-39978
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
PT-2022-25154 · Unknown · Online Pet Shop We App
Name of the Vulnerable Software and Affected Versions: Online Pet Shop We App version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point in the Editing function of the Product List module. This is due to an...
PT-2022-25153 · Unknown · Online Pet Shop We App
Name of the Vulnerable Software and Affected Versions: Online Pet Shop We App version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point in the Editing function of the User module. This is achieved by exploiting a...
CVE-2022-34120
Barangay Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via the module editing function at /pages/activity/activity.php...
CVE-2022-34120
Barangay Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via the module editing function at /pages/activity/activity.php...
PT-2022-22014 · Unknown · Barangay Management System
Name of the Vulnerable Software and Affected Versions: Barangay Management System version 1.0 Description: The Barangay Management System contains a remote code execution RCE issue via the module editing function at the "/pages/activity/activity.php" endpoint. This allows for potential code...
CVE-2022-34024
Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php...
CVE-2022-34024
Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php...
Privilege escalation
In Wedding Management System v1.0, the editing function of the "Services" module in the background management system has an arbitrary file upload vulnerability in the picture upload point of "packageedit.php" file...
Cross site scripting
Tad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...
Cross site scripting
Maccms 10 contains a cross-site scripting XSS vulnerability in the Editing function under the Member module. This vulnerability is exploited via a crafted payload in the nickname text field...
CVE-2020-21434
CVE-2020-21434 affects Maccms 10. The vulnerability is a cross-site scripting (XSS) flaw in the Editing function under the Member module, exploitable via a crafted payload in the nickname field. Root cause: lack of proper input validation allowing script execution. Impact: client-side code execut...