Lucene search
+L

108 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28754

Malicious code in bioql PyPI...

7.2CVSS5AI score0.0033EPSS
Exploits1References5
redhatcve
redhatcve
added 2025/10/01 12:42 a.m.8 views

CVE-2025-28016

A Reflected Cross-Site Scripting XSS vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the fname, lname, and contact parameters...

4.8CVSS6.3AI score0.0024EPSS
Exploits1References1
cve
cve
added 2025/09/30 12:0 a.m.21 views

CVE-2025-28016

The CVE-2025-28016 entry concerns the PHPGurukul User Registration & Login and User Management System v3.3. A Reflected Cross-Site Scripting (XSS) vulnerability exists in loginsystem/edit-profile.php, allowing remote attackers to execute arbitrary JavaScript via the fname, lname, and contact para...

4.8CVSS6AI score0.0024EPSS
Exploits1References1Affected Software1
cnvd
cnvd
added 2025/09/29 12:0 a.m.6 views

Employee Record Management System myprofile.php File Cross-Site Scripting Vulnerability

Employee Record Management System is an employee record management system. The Employee Record Management System suffers from a cross-site scripting vulnerability that arises from insufficient filtering of the First name parameter in the /myprofile.php file. An attacker can exploit this...

6.1CVSS4.6AI score0.00364EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/09/28 12:0 a.m.6 views

PHPGurukul Employee Record Management System 代码注入漏洞

Employee Record Management System is an employee record management system. The Employee Record Management System suffers from a cross-site scripting vulnerability that arises from insufficient filtering of the First name parameter in the /myprofile.php file. An attacker can exploit this...

6.1CVSS6.1AI score0.00364EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2025/08/28 12:0 a.m.10 views

PT-2025-35087

Name of the Vulnerable Software and Affected Versions: PuneethReddyHC Online Shopping System Advanced version 1.0 Description: A reflected Cross-Site Scripting XSS vulnerability exists in the register.php file. Unsanitized user input in the f name parameter is reflected in the server response...

5.4CVSS5.5AI score0.0025EPSS
Exploits1References4
cvelist
cvelist
added 2025/08/10 1:32 p.m.15 views

CVE-2025-8811 code-projects Simple Art Gallery registration.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely...

7.5CVSS0.00514EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/08/07 12:0 a.m.5 views

Hospital Management System 安全漏洞

Hospital Management System is a hospital management system by Kishan Lal, an individual developer. A security vulnerability exists in Hospital Management System version v4, which is caused by a cross-site scripting attack due to incorrect manipulation of the parameters fname and lname in the file...

6.1CVSS6AI score0.00202EPSS
Exploits0References2
osv
osv
added 2025/07/14 1:15 p.m.7 views

CVE-2025-7605

A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has been...

9.8CVSS5.8AI score0.00396EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/07/14 12:0 a.m.5 views

Code-Projects AVL Rooms 安全漏洞

Code-Projects AVL Rooms is an AVL room system from Code-Projects open source. A security vulnerability exists in Code-Projects AVL Rooms version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter firstname in the file /profile.php...

9.8CVSS7.8AI score0.00396EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2025/07/14 12:0 a.m.4 views

PT-2025-29463 · Avl Rooms · Avl Rooms

Name of the Vulnerable Software and Affected Versions: AVL Rooms version 1.0 Description: A vulnerability exists in AVL Rooms that may allow for remote exploitation. The issue is related to SQL injection within the /profile.php file, specifically through manipulation of the first name parameter...

9.8CVSS7.3AI score0.00396EPSS
Exploits1References8
cnnvd
cnnvd
added 2025/06/25 12:0 a.m.6 views

itsourcecode Employee Management System 注入漏洞

itsourcecode Employee Management System is itsourcecode open source employee management system. An injection vulnerability exists in itsourcecode Employee Management System version 1.0, which stems from improper handling of the parameter FirstName in the file /admin/editempprofile.php, which can...

7.2CVSS5.7AI score0.0033EPSS
Exploits1References6
redhatcve
redhatcve
added 2025/05/23 2:57 a.m.4 views

CVE-2023-1031

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the settings endpoint and firstname parameter...

8.8CVSS7.3AI score0.01424EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/04/03 12:0 a.m.6 views

Project Worlds Online Lawyer Management System 注入漏洞

Project Worlds Online Lawyer Management System is an online lawyer management system from Project Worlds, Inc. An injection vulnerability exists in Project Worlds Online Lawyer Management System version 1.0, which stems from an incorrect operation of the parameter firstName that can lead to SQL...

9.8CVSS8AI score0.00478EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/03/31 12:0 a.m.4 views

Code-Projects Payroll Management System 安全漏洞

Code-Projects Payroll Management System is an open source payroll management system from Code-Projects. A security vulnerability exists in Code-Projects Payroll Management System version 1.0, which stems from an incorrect manipulation of the parameters lname and fname that can lead to SQL injecti...

8.8CVSS6.9AI score0.00596EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/03/03 12:0 a.m.6 views

Serosoft Solutions Academia Student Information System EagleR 跨站脚本漏洞

Serosoft Solutions Academia Student Information System EagleR is a student information system from Serosoft Solutions, India. A security vulnerability exists in Serosoft Solutions Academia Student Information System EagleR v1.0.118, which stems from a stored cross-site scripting vulnerability in...

5.4CVSS5.9AI score0.00201EPSS
Exploits0References2
cvelist
cvelist
added 2025/01/10 12:0 a.m.26 views

CVE-2024-33299

Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the First Name and Last Name parameters in the endpoint /admin/module/view?type=users...

0.01109EPSS
Exploits2References1
cnnvd
cnnvd
added 2024/12/27 12:0 a.m.5 views

Code-Projects Job Recruitment 代码注入漏洞

Code-Projects Job Recruitment is an open source job portal from Code-Projects. A code injection vulnerability exists in Code-Projects Job Recruitment version 1.0, which originates from a cross-site scripting vulnerability in the fname/lname parameter of the /parse/alledits.php file...

6.9CVSS4.9AI score0.00497EPSS
Exploits1References5
cnnvd
cnnvd
added 2024/12/26 12:0 a.m.3 views

Code-Projects Job Recruitment 注入漏洞

Code-Projects Job Recruitment is a job portal of Code-Projects open source. Code-Projects Job Recruitment version 1.0 suffers from an injection vulnerability, which originates from the parameter fname/lname in the flnupdate function of the file /parse/alledits.php, which can lead to SQL injection...

9.8CVSS7.9AI score0.00599EPSS
Exploits1References5
cnnvd
cnnvd
added 2024/09/07 12:0 a.m.4 views

PHP CRUD 跨站脚本漏洞

PHP CRUD is a PHP-based implementation of add, delete, change and retrieve. A cross-site scripting vulnerability exists in PHP CRUD version 1.0, which stems from a cross-site scripting vulnerability contained in the firstname/middlename/lastname parameters of the /endpoint/update.php file...

6.1CVSS4.5AI score0.00378EPSS
Exploits1References5
Rows per page
Query Builder