Lucene search
K

108 matches found

CNNVD
CNNVD
added 2024/09/07 12:0 a.m.4 views

PHP CRUD 跨站脚本漏洞

PHP CRUD is a PHP-based implementation of add, delete, change and retrieve. A cross-site scripting vulnerability exists in PHP CRUD version 1.0, which stems from a cross-site scripting vulnerability contained in the firstname/middlename/lastname parameters of the /endpoint/Add.php file...

6.1CVSS4.5AI score0.00291EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.4 views

PT-2024-30139 · Unknown · Kashipara Hotel Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: A Reflected Cross Site Scripting XSS issue was found in the "/core/signup user.php" endpoint of the system, allowing remote attackers to execute arbitrary code via the user fname and...

6.1CVSS6.8AI score0.00444EPSS
Exploits1References7
OSV
OSV
added 2024/05/14 3:38 p.m.4 views

CVE-2024-34224

Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters...

7.3CVSS5.9AI score0.00871EPSS
Exploits1References1
OSV
OSV
added 2024/04/15 10:15 p.m.5 views

CVE-2024-31651

A cross-site scripting XSS in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...

6.1CVSS5.9AI score0.00435EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/15 12:0 a.m.17 views

CVE-2024-31651

A cross-site scripting XSS in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...

6AI score0.00435EPSS
Exploits1References1
CVE
CVE
added 2024/04/15 12:0 a.m.51 views

CVE-2024-31651

CVE-2024-31651 describes a cross-site scripting (XSS) vulnerability in the Cosmetics and Beauty Product Online Store v1.0. The issue arises from unsanitized input in the irst Name parameter, enabling an attacker to inject and execute arbitrary web scripts or HTML in the victim00. Documents con...

6.1CVSS6AI score0.00435EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.4 views

Cosmetics and Beauty Product Online Store 安全漏洞

Cosmetics And Beauty Product Online Store is an online store for cosmetics and beauty products from the individual developer Carlo Montero. A security vulnerability exists in Cosmetics and Beauty Product Online Store v1.0, which originates from a cross-site scripting vulnerability in the First Na...

6.1CVSS6.1AI score0.00435EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/15 12:0 a.m.11 views

CVE-2024-31651

A cross-site scripting XSS in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...

6.2AI score0.00435EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/12/30 12:0 a.m.4 views

PHPGurukul Hospital Management System Cross-Site Scripting Vulnerability

PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. A cross-site scripting vulnerability exists in PHPGurukul Hospital Management System version 1.0, which stems from the parameter First Name in the file registration.php that can lead to cross-site scripting...

5.4CVSS5.8AI score0.0146EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2023/12/28 12:0 a.m.4 views

PT-2023-32904 · Unknown · Code-Projects Client Details System

Name of the Vulnerable Software and Affected Versions: code-projects Client Details System version 1.0 Description: A problematic issue was found in the system, affecting some unknown functionality of the file /admin/regester.php. The manipulation of the argument fname, lname, email, or contact...

4.8CVSS4.1AI score0.00537EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/12/01 12:0 a.m.26 views

SourceCodester User Registration and Login System Cross-Site Scripting Vulnerability

User Registration and Login System is a user registration and login system by Remy Andrade, an individual developer. A cross-site scripting vulnerability exists in the SourceCodester User Registration and Login System, which originates from cross-site scripting in the firstname parameter of...

5.4CVSS6.1AI score0.00604EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.3 views

Online Blood Bank Management System Cross-Site Scripting Vulnerability

Online Blood Bank Management System is an online blood bank management system. A cross-site scripting vulnerability exists in Online Blood Bank Management System v1.0, which originates when the firstName parameter of users/register.php is copied in plain text to the users/member.php document...

6.1CVSS6.2AI score0.0038EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/10/13 2:15 p.m.4 views

CVE-2023-45391

A stored cross-site scripting XSS vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...

4.8CVSS6AI score0.00351EPSS
Exploits1References2
Prion
Prion
added 2023/10/13 2:15 p.m.12 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...

4.3CVSS4.8AI score0.00351EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/09/30 12:0 a.m.4 views

Best Courier Management System Cross-Site Scripting Vulnerability

Best Courier Management System is a courier management system by Mayuri K., a personal developer. A cross-site scripting vulnerability exists in Best Courier Management System version 1.0, which stems from a cross-site scripting vulnerability due to incorrect manipulation of the parameter First...

5.4CVSS6.1AI score0.00571EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.7 views

GZ Scripts Ticket Booking Script 跨站脚本漏洞

GZ Scripts Ticket Booking Script is a ticket booking system from GZ Scripts. A cross-site scripting vulnerability exists in GZ Scripts Ticket Booking Script version 1.8, which stems from cross-site scripting due to incorrect manipulation of the parameters firstname, secondname, phone, address1, a...

6.1CVSS4.7AI score0.00335EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/08 12:0 a.m.6 views

MonicaHQ 跨站脚本漏洞

MonicaHQ is a relationship management system from MonicaHQ, Inc. A security vulnerability exists in MonicaHQ version 4.0.0, which can be exploited by a remote attacker to execute malicious code in the application via the people:id/relationships endpoint and CSTIs in the firstname and lastname...

5.4CVSS6AI score0.00643EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/03/01 12:0 a.m.5 views

SourceCodester Computer Parts Sales and Inventory System 跨站脚本漏洞

Computer Parts Sales and Inventory System is a computer parts sales and inventory system by Warren Daloyan, an individual developer. A cross-site scripting vulnerability exists in SourceCodester Computer Parts Sales and Inventory System version 1.0, which stems from unknown problematic code in th...

6.1CVSS4.3AI score0.00601EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/10/18 1:15 p.m.6 views

CVE-2022-3587

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component My Account. The manipulation of the argument First Name leads to cross site scripting. The attack...

5.4CVSS3.5AI score0.00459EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/07/26 1:15 p.m.10 views

CVE-2022-34991

Paymoney v3.3 was discovered to contain multiple reflected cross-site scripting XSS vulnerabilities via the firstname and lastname parameters...

5.4CVSS5.7AI score0.00434EPSS
Exploits1References1
Rows per page
Query Builder