MySimplifiedSQL 跨站脚本漏洞

MySimplifiedSQL is an easy to use PHP class from Ivan Personal Developer. It is used to interact with MySQL databases. A cross-site scripting vulnerability exists in MySimplifiedSQL that stems from cross-site scripting due to incorrect manipulation of the parameters FirstName/LastName...

Online Diagnostic Lab Management System 跨站脚本漏洞

Online Diagnostic Lab Management System is an online diagnostic lab management system. A cross-site scripting vulnerability exists in Online Diagnostic Lab Management System version 1.0, which originates from an XSS via the firstname, address, middlename, lastname , gender, email, contact...

CVE-2021-29055

Cross Site Scripting XSS vulnerability in sourcecodester School File Management System 1.0 via the Firtstname parameter to the Update Account form in studentprofile.php...

School File Management System 跨站脚本漏洞

School File Management System is a school file management system that stores student files individually and retrieves them later. A cross-site scripting vulnerability exists in School File Management System version 1.0, which can be exploited to cause cross-site scripting attacks via the Firstnam...

CVE-2022-29359

A stored cross-site scripting XSS vulnerability in /scas/?page=clubs/applicationform&id=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...

CVE-2022-29359

A stored cross-site scripting XSS vulnerability in /scas/?page=clubs/applicationform&id=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...

School Club Application System 跨站脚本漏洞

School Club Application System is a school club application system by Carlo Montero Personal Developer. A security vulnerability exists in School Club Application System version 0.1, which originates from a stored cross-site scripting XSS vulnerability in /scas/?page=clubs/applicationform&id=7. A...

CVE-2022-30842

Covid-19 Travel Pass Management System v1.0 is vulnerable to Cross Site Scripting XSS via /ctpms/classes/Users.php?f=save, firstname...

CVE-2021-40969

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the firstname parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the firstname parameter...

CVE-2021-40969

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the firstname parameter...

CVE-2021-40969

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the firstname parameter...

CVE-2021-40969

Removed by vendor...

TikTok: HTML Injection on tiktoktutorials via firstName parameter

HTML injection was found in tiktoktutorials endpoint which could have potentially allowed attackers to modify the content of the email and trick users into visiting malicious sites. We thank @siratsami for reporting this to our team...

CVE-2021-27320

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter...

CVE-2021-27320

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter...

Sql injection

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter...

CVE-2021-27320

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter...

Doctor Appointment System 1.0 Blind SQL Injection Vulnerability

Exploit Title: Doctor Appointment System 1.0 Blind SQL injection in email parameter CVE: CVE-2021-27319 Exploit Author: Nakul Ratti Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...

PHP Scripts Mall Auditor Website Cross-Site Scripting Vulnerability

PHP Scripts Mall Auditor Website is an accounting auditor website system script by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Auditor Website version 2.0.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with th...