310 matches found
Stored-XSS-in-Inventory-System-using-PHP-and-MySQL
Stored XSS in Inventory System using PHP and MySQL Vulnera...
CVE-2026-40567 FreeScout has HTML Injection in Outgoing Emails via Unsanitized Customer Name in Signature Variables
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization a...
CVE-2026-5583
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...
EUVD-2026-19111
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...
CVE-2026-5583
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...
CVE-2026-5583
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...
CVE-2026-5583
CVE-2026-5583 concerns PHPGurukul Online Shopping Portal Project 2.1. The vulnerability targets an unknown part of the file /my-profile.php in the Parameter Handler and arises from manipulating the argument fullname , which leads to a SQL injection. The issue is described as exploitable remotely ...
CVE-2026-5583 PHPGurukul Online Shopping Portal Project Parameter my-profile.php sql injection
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...
PT-2026-30450
A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotel...
PHPGurukul Online Shopping Portal Project SQL注入漏洞
The PHPGurukul Online Shopping Portal Project is an online shopping portal project of PHPGurukul Corporation. Version 2.1 of the PHPGurukul Online Shopping Portal Project has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “fullname” in the...
Craft CMS 跨站脚本漏洞
Craft CMS is an open-source content management system developed by Craft CMS. Versions of Craft CMS from 5.9.0-beta.1 to 5.9.10 contain a cross-site scripting vulnerability. This vulnerability arises from improper handling of the creator’s fullName field in the element editor, which may lead to...
CVE-2026-3766
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...
EUVD-2026-10269
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...
CVE-2026-3766
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...
CVE-2026-3766
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...
CVE-2026-3766 SourceCodester Web-based Pharmacy Product Management System edit-profile.php cross site scripting
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...
CVE-2026-3766
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...
CVE-2026-3766 SourceCodester Web-based Pharmacy Product Management System edit-profile.php cross site scripting
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...
PT-2026-23977
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...
SourceCodester Web-based Pharmacy Product Management System 代码注入漏洞
SourceCodester Web-based Pharmacy Product Management System is an open-source web-based pharmacy product management system developed by SourceCodester. Version 1.0 of the SourceCodester Web-based Pharmacy Product Management System contains a code injection vulnerability. This vulnerability stems...