Cross site scripting

A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. This vulnerability affects unknown code of the file searchteacherresult.php of the component POST Parameter Handler. The manipulation of the argument teacher leads to cross site scripting...

Cross site scripting

A vulnerability classified as problematic was found in Gira HomeServer up to 4.12.0.220829 beta. This vulnerability affects unknown code of the file /hslist. The manipulation of the argument lst with the input debug%27" leads to cross site scripting. The attack can be initiated remotely. The...

CVE-2023-2671

A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=saveinquiry of the component Contact Form. The manipulation of the argument fullname/contact/message lea...

CVE-2023-2671 SourceCodester Lost and Found Information System Contact Form cross site scripting

A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=saveinquiry of the component Contact Form. The manipulation of the argument fullname/contact/message lea...

Sql injection

A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file viewcategories.php. The manipulation of the argument c leads to sql injection. The attack can be initiated remotely. The exploit ha...

Sql injection

A vulnerability classified as critical was found in SourceCodester File Tracker Manager System 1.0. This vulnerability affects unknown code of the file register/updatepassword.php of the component POST Parameter Handler. The manipulation of the argument newpassword leads to sql injection. The...

CVE-2023-2643 SourceCodester File Tracker Manager System POST Parameter update_password.php sql injection

A vulnerability classified as critical was found in SourceCodester File Tracker Manager System 1.0. This vulnerability affects unknown code of the file register/updatepassword.php of the component POST Parameter Handler. The manipulation of the argument newpassword leads to sql injection. The...

CVE-2023-2617

CVE-2023-2617 affects OpenCV’s wechat_qrcode module up to 4.7.0. The vulnerability resides in DecodedBitStreamParser::decodeByteSegment (qrcode/decoder/decoded_bit_stream_parser.cpp) and causes a null pointer dereference. It can be triggered remotely, and public exploit information exists. Remedi...

Cross site scripting

A vulnerability was found in SourceCodester Simple Student Information System 1.0. It has been classified as problematic. This affects an unknown part of the file /classes/Master.php?f=savecourse of the component Add New Course. The manipulation of the argument name with the input...

CVE-2023-2425 SourceCodester Simple Student Information System Add New Course cross site scripting

A vulnerability was found in SourceCodester Simple Student Information System 1.0. It has been classified as problematic. This affects an unknown part of the file /classes/Master.php?f=savecourse of the component Add New Course. The manipulation of the argument name with the input...

CVE-2023-2419

A vulnerability was found in Zhong Bang CRMEB 4.6.0. It has been declared as critical. This vulnerability affects the function videoUpload of the file \crmeb\app\services\system\attachment\SystemAttachmentServices.php. The manipulation of the argument filename leads to unrestricted upload. The...

CVE-2023-2397

A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Mobile Comparison Website 1.0. This issue affects some unknown processing of the file classes/Master.php?f=savefield. The manipulation of the argument Field Name leads to cross site scripting. The attack...

Cross site scripting

A vulnerability classified as problematic was found in Netgear SRX5308 up to 4.3.5-3. This vulnerability affects unknown code of the component Web Management Interface. The manipulation of the argument USERDBUsers.Password leads to cross site scripting. The attack can be initiated remotely. The...

CVE-2023-2374 Ubiquiti EdgeRouter X Web Management Interface command injection

A vulnerability has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as critical. This vulnerability affects unknown code of the component Web Management Interface. The manipulation of the argument ecn-down leads to command injection. The attack can be initiated remotely. T...

Sql injection

A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php?page=managequestionnaire. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. Th...

CVE-2023-2241

A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to th...

Sql injection

A vulnerability was found in Campcodes Coffee Shop POS System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/sales/managesale.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has...

Cross site scripting

A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/assets/plugins/DataTables/examples/examplessupport/editableajax.php of the component POST Parameter Handler. The...

CVE-2023-2153 SourceCodester Complaint Management System POST Parameter editable_ajax.php cross site scripting

A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/assets/plugins/DataTables/examples/examplessupport/editableajax.php of the component POST Parameter Handler. The...

CVE-2023-2148 Campcodes Online Thesis Archiving System view_curriculum.php sql injection

A vulnerability classified as critical has been found in Campcodes Online Thesis Archiving System 1.0. This affects an unknown part of the file /admin/curriculum/viewcurriculum.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...