371 matches found
CVE-2026-2222 code-projects Online Reviewer System btn_functions.php cross site scripting
A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btnfunctions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack m...
CVE-2026-2222
A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btnfunctions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack m...
CVE-2026-2222 code-projects Online Reviewer System btn_functions.php cross site scripting
A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btnfunctions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack m...
PT-2026-7087
A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btn functions.php. The manipulation of the argument firstname results in cross site scripting. It is possible to launch the attack remotely. The...
Code-Projects Online Reviewer System 代码注入漏洞
The Code-Projects Online Reviewer System is an online review system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Online Reviewer System contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter “firstname” in the file...
PT-2026-7076
A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btn functions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack...
Simple Responsive Tourism Website 代码注入漏洞
Simple Responsive Tourism Website is a simple responsive tourism website. Version 1.0 of Simple Responsive Tourism Website has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameters firstname, lastname, and username in the...
PT-2026-5927
Name of the Vulnerable Software and Affected Versions NICE Chat affected versions not specified Description An HTML injection issue exists in NICE Chat. The issue allows an attacker to inject and display arbitrary HTML content within email transcripts. This is achieved by manipulating the firstNa...
Cross-site Scripting (XSS)
Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the customer registration input fields. An attacker can execute arbitrary scripts in the context of an administrator's browser by injecting malicious...
CVE-2020-36978
Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules...
CVE-2020-36978 Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting
Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules...
CVE-2020-36978 Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting
Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules...
PT-2026-5001
Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules...
CVE-2025-41003
Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...
CVE-2025-41003
Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...
CVE-2025-41003
The CVE-2025-41003 entry concerns Imaster’s Patient Record Management System, where a stored XSS vulnerability exists in the endpoint /projects/hospital/admin/edit_patient.php. The issue is triggered by injecting a malicious script into the firstname parameter, whose payload is persisted and exec...
CVE-2025-41003 Multiple vulnerabilities in Imaster products Open configuration options
Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...
CVE-2025-41003 Multiple vulnerabilities in Imaster products Open configuration options
Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...
PT-2026-2262
Name of the Vulnerable Software and Affected Versions Imaster Patient Record Management System affected versions not specified Description The software contains a stored Cross-Site Scripting XSS issue in the /projects/hospital/admin/edit patient.php endpoint. An attacker can inject a malicious...
Imaster Patient Record Management System 跨站脚本漏洞
Imaster Patient Record Management System is a patient record management system by the individual developer Nzioka Victor. The Imaster Patient Record Management System suffers from a cross-site scripting vulnerability that stems from insufficient validation of the firstname parameter in the endpoi...