205 matches found

CNVD
added 2025/06/27 12:0 a.m. · 1 views

Simple Online Hotel Reservation System add_reserve.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter firstname in the file...

9.8 CVSS · 8.3 AI score · 0.00399 EPSS
Exploits 1 · References 1
CNVD
added 2025/06/27 12:0 a.m. · 1 views

Online Shoe Store edit_customer.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter firstname in the file /function/editcustomer.php. An attacker can exploit this...

9.8 CVSS · 8.3 AI score · 0.00394 EPSS
Exploits 1 · References 1
CNNVD
added 2025/06/21 12:0 a.m. · 2 views

Code-Projects Simple Online Hotel Reservation System Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter firstname in the file...

9.8 CVSS · 8.2 AI score · 0.00399 EPSS
Exploits 1 · References 5
OSV
added 2025/06/20 5:15 a.m. · 1 views

CVE-2025-6307

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /function/editcustomer.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit...

9.8 CVSS · 5.8 AI score · 0.00394 EPSS
Exploits 1 · References 5
CNNVD
added 2025/06/20 12:0 a.m. · 2 views

Code-Projects Online Shoe Store Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter firstname in the file /function/editcustomer.php. An attacker can exploit this...

9.8 CVSS · 8.1 AI score · 0.00394 EPSS
Exploits 1 · References 5
RedhatCVE
added 2025/05/23 2:59 a.m. · 3 views

CVE-2023-1379

A vulnerability was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file addmem.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to sql...

9.8 CVSS · 8.1 AI score · 0.00763 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 1:15 a.m. · 4 views

CVE-2022-29359

A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs/applicationform=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...

6.1 CVSS · 5.6 AI score · 0.01104 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 12:23 a.m. · 3 views

CVE-2022-46622

A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...

6.1 CVSS · 5.8 AI score · 0.00497 EPSS
Exploits 0 · References 1
CNNVD
added 2025/04/16 12:0 a.m. · 1 views

SourceCodester Online ID Generator System Security Vulnerability

SourceCodester Online ID Generator System is an open source online identity generator system from SourceCodester. A security vulnerability exists in SourceCodester Online ID Generator System version 1.0, which stems from a stored cross-site scripting attack due to incorrect manipulation of the...

5.4 CVSS · 6 AI score · 0.00218 EPSS
Exploits 1 · References 2
CNNVD
added 2025/01/30 12:0 a.m. · 3 views

needyamin Cross-Site Scripting Vulnerability

needyamin is an open source library card borrowing system by needyamin. A cross-site scripting vulnerability exists in needyamin version 1.0, which stems from a cross-site scripting attack due to incorrect manipulation of the firstname/lastname/email/borrow/useraddress parameters...

6.9 CVSS · 4.5 AI score · 0.00454 EPSS
Exploits 1 · References 5
OSV
added 2025/01/07 6:15 p.m. · 4 views

CVE-2024-50658

Server-Side Template Injection (SSTI) found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the shippingAsBilling and firstname parameters in the updateuserinfo.html file...

9.8 CVSS · 6.2 AI score
Exploits 0 · References 3
CNNVD
added 2025/01/07 12:0 a.m. · 3 views

iPublish AdPortal Code Injection Vulnerability

iPublish AdPortal is a self-service newspaper advertising platform from iPublish, Inc. A security vulnerability exists in iPublish AdPortal version 3.0.39 that stems from the presence of server-side template injection (SSTI), which allows remote attackers to execute arbitrary code via the...

9.8 CVSS · 8 AI score · 0.00991 EPSS
Exploits 0 · References 4
CNNVD
added 2024/12/09 12:0 a.m. · 2 views

Kashipara E-learning Management System Security Vulnerability

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access the database by executing arbitrary SQL commands via the firstname, lastname,...

9.8 CVSS · 7.6 AI score · 0.00571 EPSS
Exploits 1 · References 1
Positive Technologies
added 2024/12/09 12:0 a.m. · 3 views

PT-2024-36438 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL injection issue was found in the /teacher signup.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database through...

9.8 CVSS · 9.3 AI score · 0.00571 EPSS
Exploits 1 · References 5
CNVD
added 2024/12/04 12:0 a.m. · 0 views

Wazifa System updatesettings.php file cross-site scripting vulnerability

Wazifa System is a content management system. Wazifa System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter firstname in the file /controllers/updatesettings.php, which can be exploited by an...

5.4 CVSS · 6.3 AI score · 0.00416 EPSS
Exploits 1 · References 1
OSV
added 2024/11/30 1:15 p.m. · 1 views

CVE-2024-12001

A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. It is possible to...

5.4 CVSS · 3.9 AI score · 0.00416 EPSS
Exploits 1 · References 5
NVD
added 2024/11/30 12:15 p.m. · 10 views

CVE-2024-12000

A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. Th...

5.4 CVSS · 0.00416 EPSS
Exploits 1 · References 5
Positive Technologies
added 2024/11/30 12:0 a.m. · 3 views

PT-2024-17396 · Unknown · Code-Projects Wazifa System

Name of the Vulnerable Software and Affected Versions: code-projects Wazifa System version 1.0 Description: A vulnerability has been found in the code-projects Wazifa System, affecting an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulati...

5.4 CVSS · 4.2 AI score · 0.00416 EPSS
Exploits 1 · References 10
CNNVD
added 2024/11/30 12:0 a.m. · 1 views

Code-Projects Wazifa System Code Injection Vulnerability

Wazifa System is a content management system. Wazifa System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter firstname in the file /controllers/updatesettings.php, which can be exploited by an...

5.4 CVSS · 6.2 AI score · 0.00416 EPSS
Exploits 1 · References 5
CNNVD
added 2024/11/30 12:0 a.m. · 2 views

Code-Projects Blood Bank System Code Injection Vulnerability

Code-Projects Blood Bank System is a Code-Projects open source blood bank management system. A code injection vulnerability exists in Code-Projects Blood Bank System version 1.0, which stems from a cross-site scripting attack caused by the parameter firstname in the file...

5.4 CVSS · 4.9 AI score · 0.00416 EPSS
Exploits 1 · References 5