CVE-2023-51281

Cross Site Scripting vulnerability in Customer Support System v.1.0 allows a remote attacker to escalate privileges via a crafted script firstname, "lastname", "middlename", "contact" and address parameters...

BIT-SUITECRM-2022-27474

SuiteCRM v7.11.23 was discovered to allow remote code execution via a crafted payload injected into the FirstName text field...

CVE-2023-49971

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

CVE-2023-49971

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

CVE-2023-49971

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

Cross site scripting

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

Customer Support System 跨站脚本漏洞

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

CVE-2023-49971

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

CVE-2024-2145

A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. It has been classified as problematic. Affected is an unknown function of the file /endpoint/update-tracker.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to launch the...

PT-2024-18876 · Unknown · Sourcecodester Online Mobile Management Store

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Mobile Management Store version 1.0 Description: A vulnerability was found in the software, classified as problematic. It affects an unknown function of the file /endpoint/update-tracker.php. The manipulation of the...

CVE-2024-0504

A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file addreserve.php of the component Make a Reservation Page. The manipulation of the argument Firstname/Lastname with the input...

PT-2024-15621 · Unknown · Code-Projects Simple Online Hotel Reservation System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Online Hotel Reservation System version 1.0 Description: A vulnerability has been found in the code-projects Simple Online Hotel Reservation System, affecting the file add reserve.php of the Make a Reservation Page...

Cross site scripting

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/editteacher.php of the component Add Enginer. The manipulation of the argument Firstname/Lastname leads to cross site scripting...

RRJ Nueva Ecija Engineer Online Portal Cross-Site Scripting Vulnerability

RRJ Nueva Ecija Engineer Online Portal is an online portal for engineers from RRJ Nueva Ecija. A cross-site scripting vulnerability exists in RRJ Nueva Ecija Engineer Online Portal version 1.0, which stems from the parameter Firstname/Lastname in the file /admin/editteacher.php that causes...

PT-2023-32878 · Unknown · Code-Projects E-Commerce Website

Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Website version 1.0 Description: A problematic vulnerability has been found in the code-projects E-Commerce Website, affecting an unknown part of the file user signup.php. The manipulation of the firstname argument wi...

PT-2023-31431 · Unknown · Customer Support System

Name of the Vulnerable Software and Affected Versions: Customer Support System version v1 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at "/customer support/index.php?page=custom...

CVE-2023-44484

Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php...

CVE-2023-44484 Online Blood Donation Management System v1.0 - Stored Cross-Site Scripting (XSS)

Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php...

CVE-2023-4493

Stored Cross-Site Scripting in Easy Address Book Web Server 1.6 version, through the usersadmin.ghp file that affects multiple parameters such as firstname, homephone, lastname, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate, workzip. This vulnerability allows a...

CVE-2023-43711

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "adminfirstname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...