371 matches found
CVE-2023-5283 SourceCodester Engineers Online Portal teacher_signup.php sql injection
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teachersignup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The...
Engineers Online Portal SQL Injection Vulnerability
Engineers Online Portal is an open source online portal. It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. An SQL injection vulnerability exists in SourceCodester Engineers Online Portal, which stems from the fact that manipulatio...
PT-2023-28930 · Unknown · Oscommerce
Name of the Vulnerable Software and Affected Versions: Os Commerce affected versions not specified Description: The issue is a Cross-Site Scripting (XSS) vulnerability that allows attackers to inject JavaScript through the admin firstname parameter, potentially leading to unauthorized execution of...
PaulPrinting CMS Cross-Site Scripting Vulnerability
PaulPrinting CMS is a website builder system by CodePaul Individual Developers. A cross-site scripting vulnerability exists in PaulPrinting CMS version 2018, which stems from the fact that the parameters firstname/lastname/address/city/state lead to cross-site scripting...
CVE-2023-3659
A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=user/manageuser. The manipulation of the argument firstname/middlename leads to cross site scripting...
AC Repair and Services System Cross-Site Scripting Vulnerability
AC Repair and Services System is an air conditioning repair and services system by the individual developer Carlo Montero. A cross-site scripting vulnerability exists in SourceCodester AC Repair and Services System version 1.0, which stems from the parameter firstname/middlename in the file...
Sales Tracker Management System Cross-Site Scripting Vulnerability
Sales Tracker Management System is a sales tracking management system by individual developer Carlo Montero. A cross-site scripting vulnerability exists in Sales Tracker Management System version 1.0, which stems from a problem with the file /classes/Users.php?f=save, where incorrect manipulation o...
CVE-2023-2678
The CVE-2023-2678 entry concerns SourceCodester File Tracker Manager System 1.0. The vulnerability affects the file /file_manager/admin/save_user.php in the POST Parameter Handler, where manipulating the firstname parameter leads to cross-site scripting (XSS). Exploitation is remote and the explo...
CVE-2023-2678 SourceCodester File Tracker Manager System POST Parameter save_user.php cross site scripting
A vulnerability has been found in SourceCodester File Tracker Manager System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /filemanager/admin/saveuser.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross si...
File Tracker Manager System Cross-Site Scripting Vulnerability
File Tracker Manager System is a file tracker manager system. A cross-site scripting vulnerability exists in File Tracker Manager System v1.0, which stems from a lack of effective filtering and escaping of user-supplied data in the firstname parameter of /filemanager/admin/saveuser.php, ...
PT-2023-20794 · Sourcecodester · Sourcecodester File Tracker Manager System
Name of the Vulnerable Software and Affected Versions: SourceCodester File Tracker Manager System version 1.0 Description: A vulnerability has been found in the SourceCodester File Tracker Manager System, affecting the file /file_manager/admin/save_user.php of the component POST Parameter Handler...
CVE-2023-30788
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people/add endpoint and nickName, description, lastName, middleName and firstName parameter...
CVE-2023-2216
A vulnerability classified as problematic was found in Campcodes Coffee Shop POS System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php. The manipulation of the argument firstname leads to cross site scripting. The attack can be launched remotely. Th...
PT-2023-18377 · Campcodes · Campcodes Coffee Shop Pos System
Name of the Vulnerable Software and Affected Versions: Campcodes Coffee Shop POS System version 1.0 Description: A problematic issue was found in the system, affecting an unknown functionality of the file /classes/Users.php. The manipulation of the firstname argument leads to cross site scripting...
Campcodes Coffee Shop POS System Cross-Site Scripting Vulnerability
Campcodes Coffee Shop POS System is a coffee shop POS system from Campcodes. A cross-site scripting vulnerability exists in Campcodes Coffee Shop POS System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the firstname parameter of the Users.php file,...
Alphaware Simple E-Commerce System SQL Injection Vulnerability
Alphaware Simple E-Commerce System is an e-commerce system by individual developer razormist. A SQL injection vulnerability exists in Alphaware Simple E-Commerce System version 1.0, which stems from an incorrect manipulation of the parameter firstname/mi/lastname that can lead to SQL injection...
SourceCodester Friendly Island Pizza Website and Ordering System SQL Injection Vulnerability
SourceCodester Friendly Island Pizza Website and Ordering System is the Island Pizza website and ordering system. A SQL injection vulnerability exists in version 1.0 of the SourceCodester Friendly Island Pizza Website and Ordering System, which stems from a problem with the file addmem.php, where...
PT-2023-16943 · Sourcecodester · Sourcecodester Friendly Island Pizza Website/Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Friendly Island Pizza Website and Ordering System version 1.0 Description: A critical issue affects the processing of the file addmem.php of the component POST Parameter Handler. The manipulation of the firstname argument leads...
The vulnerability of the signup.php script in the Dental Clinic Appointment Reservation System allows attackers to perform cross-site scripting attacks.
The vulnerability in the signup.php script of the Dental Clinic Appointment Reservation System relates to insufficient protection of the website’s structure when processing the firstname parameter. Exploiting this vulnerability allows an attacker to perform cross-site scripting attacks remotely...
CVE-2023-1036
A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /APR/signup.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross...