108 matches found
PHP CRUD 跨站脚本漏洞
PHP CRUD is a PHP-based implementation of add, delete, change and retrieve. A cross-site scripting vulnerability exists in PHP CRUD version 1.0, which stems from a cross-site scripting vulnerability contained in the firstname/middlename/lastname parameters of the /endpoint/Add.php file...
PT-2024-30139 · Unknown · Kashipara Hotel Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: A Reflected Cross Site Scripting XSS issue was found in the "/core/signup user.php" endpoint of the system, allowing remote attackers to execute arbitrary code via the user fname and...
CVE-2024-34224
Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters...
CVE-2024-31651
A cross-site scripting XSS in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...
CVE-2024-31651
A cross-site scripting XSS in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...
CVE-2024-31651
CVE-2024-31651 describes a cross-site scripting (XSS) vulnerability in the Cosmetics and Beauty Product Online Store v1.0. The issue arises from unsanitized input in the irst Name parameter, enabling an attacker to inject and execute arbitrary web scripts or HTML in the victim00. Documents con...
Cosmetics and Beauty Product Online Store 安全漏洞
Cosmetics And Beauty Product Online Store is an online store for cosmetics and beauty products from the individual developer Carlo Montero. A security vulnerability exists in Cosmetics and Beauty Product Online Store v1.0, which originates from a cross-site scripting vulnerability in the First Na...
CVE-2024-31651
A cross-site scripting XSS in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...
PHPGurukul Hospital Management System Cross-Site Scripting Vulnerability
PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. A cross-site scripting vulnerability exists in PHPGurukul Hospital Management System version 1.0, which stems from the parameter First Name in the file registration.php that can lead to cross-site scripting...
PT-2023-32904 · Unknown · Code-Projects Client Details System
Name of the Vulnerable Software and Affected Versions: code-projects Client Details System version 1.0 Description: A problematic issue was found in the system, affecting some unknown functionality of the file /admin/regester.php. The manipulation of the argument fname, lname, email, or contact...
SourceCodester User Registration and Login System Cross-Site Scripting Vulnerability
User Registration and Login System is a user registration and login system by Remy Andrade, an individual developer. A cross-site scripting vulnerability exists in the SourceCodester User Registration and Login System, which originates from cross-site scripting in the firstname parameter of...
Online Blood Bank Management System Cross-Site Scripting Vulnerability
Online Blood Bank Management System is an online blood bank management system. A cross-site scripting vulnerability exists in Online Blood Bank Management System v1.0, which originates when the firstName parameter of users/register.php is copied in plain text to the users/member.php document...
CVE-2023-45391
A stored cross-site scripting XSS vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...
Best Courier Management System Cross-Site Scripting Vulnerability
Best Courier Management System is a courier management system by Mayuri K., a personal developer. A cross-site scripting vulnerability exists in Best Courier Management System version 1.0, which stems from a cross-site scripting vulnerability due to incorrect manipulation of the parameter First...
GZ Scripts Ticket Booking Script 跨站脚本漏洞
GZ Scripts Ticket Booking Script is a ticket booking system from GZ Scripts. A cross-site scripting vulnerability exists in GZ Scripts Ticket Booking Script version 1.8, which stems from cross-site scripting due to incorrect manipulation of the parameters firstname, secondname, phone, address1, a...
MonicaHQ 跨站脚本漏洞
MonicaHQ is a relationship management system from MonicaHQ, Inc. A security vulnerability exists in MonicaHQ version 4.0.0, which can be exploited by a remote attacker to execute malicious code in the application via the people:id/relationships endpoint and CSTIs in the firstname and lastname...
SourceCodester Computer Parts Sales and Inventory System 跨站脚本漏洞
Computer Parts Sales and Inventory System is a computer parts sales and inventory system by Warren Daloyan, an individual developer. A cross-site scripting vulnerability exists in SourceCodester Computer Parts Sales and Inventory System version 1.0, which stems from unknown problematic code in th...
CVE-2022-3587
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component My Account. The manipulation of the argument First Name leads to cross site scripting. The attack...
CVE-2022-34991
Paymoney v3.3 was discovered to contain multiple reflected cross-site scripting XSS vulnerabilities via the firstname and lastname parameters...