205 matches found
CVE-2023-44484 Online Blood Donation Management System v1.0 - Stored Cross-Site Scripting (XSS)
Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php...
PT-2023-28930 · Unknown · Oscommerce
Name of the Vulnerable Software and Affected Versions: Os Commerce (affected versions not specified). Description: The issue is a Cross-Site Scripting (XSS) vulnerability that allows attackers to inject JavaScript through the admin firstname parameter, potentially leading to unauthorized execution of...
Engineers Online Portal SQL Injection Vulnerability
Engineers Online Portal is an open source online portal. It is developed using PHP, MySQL database, HTML, CSS, JavaScript, jQuery, Ajax, Bootstrap and some other libraries. An SQL injection vulnerability exists in SourceCodester Engineers Online Portal, which stems from the fact that manipulatio...
AC Repair and Services System Cross-Site Scripting Vulnerability
AC Repair and Services System is an air conditioning repair and services system by the individual developer Carlo Montero. A cross-site scripting vulnerability exists in SourceCodester AC Repair and Services System version 1.0, which stems from the parameter firstname/middlename in the file...
CVE-2023-2678 SourceCodester File Tracker Manager System POST Parameter save_user.php cross site scripting
A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /filemanager/admin/saveuser.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross si...
File Tracker Manager System Cross-Site Scripting Vulnerability
File Tracker Manager System is a file tracker manager system. A cross-site scripting vulnerability exists in File Tracker Manager System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the firstname parameter of /filemanager/admin/saveuser.php, ...
PT-2023-20794 · Sourcecodester · Sourcecodester File Tracker Manager System
Name of the Vulnerable Software and Affected Versions: SourceCodester File Tracker Manager System version 1.0. Description: A vulnerability has been found in the SourceCodester File Tracker Manager System, affecting the file /file manager/admin/save user.php of the component POST Parameter Handler...
CVE-2023-2216
A vulnerability classified as problematic was found in Campcodes Coffee Shop POS System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php. The manipulation of the argument firstname leads to cross site scripting. The attack can be launched remotely. Th...
PT-2023-18377 · Campcodes · Campcodes Coffee Shop Pos System
Name of the Vulnerable Software and Affected Versions: Campcodes Coffee Shop POS System version 1.0. Description: A problematic issue was found in the system, affecting an unknown functionality of the file /classes/Users.php. The manipulation of the firstname argument leads to cross site scripting...
Campcodes Coffee Shop POS System Cross-Site Scripting Vulnerability
Campcodes Coffee Shop POS System is a coffee shop POS system from Campcodes. A cross-site scripting vulnerability exists in Campcodes Coffee Shop POS System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the firstname parameter of the Users.php file,...
Alphaware Simple E-Commerce System SQL Injection Vulnerability
Alphaware Simple E-Commerce System is an e-commerce system by the individual developer razormist. A SQL injection vulnerability exists in Alphaware Simple E-Commerce System version 1.0, which stems from an incorrect manipulation of the parameter firstname/mi/lastname that can lead to SQL injection...
SourceCodester Friendly Island Pizza Website and Ordering System SQL Injection Vulnerability
SourceCodester Friendly Island Pizza Website and Ordering System is the Island Pizza website and ordering system. A SQL injection vulnerability exists in version 1.0 of the SourceCodester Friendly Island Pizza Website and Ordering System, which stems from a problem with the file addmem.php, where...
PT-2023-16943 · Sourcecodester · Sourcecodester Friendly Island Pizza Website/Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Friendly Island Pizza Website and Ordering System version 1.0. Description: A critical issue affects the processing of the file addmem.php of the component POST Parameter Handler. The manipulation of the firstname argument leads...
The vulnerability of the signup.php script in the Dental Clinic Appointment Reservation System allows attackers to perform cross-site scripting attacks.
The vulnerability in the signup.php script of the Dental Clinic Appointment Reservation System relates to insufficient protection of the website’s structure when processing the firstname parameter. Exploiting this vulnerability allows an attacker to perform cross-site scripting attacks remotely...
Dental Clinic Appointment Reservation System Cross-Site Scripting Vulnerability
Dental Clinic Appointment Reservation System is a dental clinic appointment reservation system by the individual developer jkev. A cross-site scripting vulnerability exists in SourceCodester Dental Clinic Appointment Reservation System version 1.0, which stems from an incorrect manipulation of the...
PT-2023-1563 · Sourcecodester · Dental Clinic Appointment Reservation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Dental Clinic Appointment Reservation System version 1.0. Description: A vulnerability was found in the Dental Clinic Appointment Reservation System, affecting the file /APR/signup.php, specifically the POST Parameter Handler...
CVE-2022-46622
A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...
Cross site scripting
A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...
PT-2023-14968 · Unknown · Judging Management System
Name of the Vulnerable Software and Affected Versions: Judging Management System version 1.0. Description: A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter. Recommendations: For Judging Management...