Lucene search
K

15793 matches found

Vulnrichment
Vulnrichment
added 2025/05/23 12:0 a.m.5 views

CVE-2024-48704

Phpgurukul Medical Card Generation System v1.0 is vulnerable to HTML Injection in admin/contactus.php via the parameter pagedes...

6.4AI score0.00228EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/23 12:0 a.m.10 views

CVE-2024-48704

Phpgurukul Medical Card Generation System v1.0 is vulnerable to HTML Injection in admin/contactus.php via the parameter pagedes...

0.00228EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.3 views

PHPGurukul Old Age Home Management System 安全漏洞

PHPGurukul Old Age Home Management System is a nursing home management system from PHPGurukul. A security vulnerability exists in PHPGurukul Old Age Home Management System version v1.0, which originates from HTML injection in the searchdata parameter...

5.4CVSS7AI score0.00209EPSS
Exploits1References1
CVE
CVE
added 2025/05/23 12:0 a.m.49 views

CVE-2024-48702

PHPGurukul Old Age Home Management System v1.0 is affected by HTML Injection through the searchdata parameter. The root cause is improper handling/escaping of input in the searchdata field, enabling injection of HTML content. Impact in documents indicates low to moderate risk for information disc...

5.4CVSS6.7AI score0.00209EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.3 views

PT-2025-22804 · Unknown · Phpgurukul Medical Card Generation System

Name of the Vulnerable Software and Affected Versions: Phpgurukul Medical Card Generation System version 1.0 Description: The issue is related to HTML Injection in the admin/contactus.php file via the pagedes parameter. This allows for potential malicious code injection. Recommendations: For...

6.1CVSS6.7AI score0.00228EPSS
Exploits1References5
CVE
CVE
added 2025/05/23 12:0 a.m.52 views

CVE-2024-48704

CVE-2024-48704 affects Phpgurukul Medical Card Generation System v1.0. The issue is an HTML injection in admin/contactus.php via the pagedes parameter, caused by insufficient input filtering/escaping. Potential for injecting Web script/HTML (per CNVD/CNNVD entries); no exploit details provided in...

6.1CVSS6.7AI score0.00228EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.5 views

PT-2025-22803 · Unknown · Phpgurukul Old Age Home Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Old Age Home Management System version 1.0 Description: The issue concerns HTML Injection via the searchdata parameter. This allows for potential malicious code injection into the system. Recommendations: For PHPGurukul Old Age Hom...

5.4CVSS7AI score0.00209EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/05/23 12:0 a.m.7 views

CVE-2024-48702

PHPGurukul Old Age Home Management System v1.0 is vulnerable to HTML Injection via the searchdata parameter...

7.3AI score0.00209EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/23 12:0 a.m.11 views

CVE-2024-48702

PHPGurukul Old Age Home Management System v1.0 is vulnerable to HTML Injection via the searchdata parameter...

0.00209EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:57 p.m.7 views

CVE-2022-42115

Cross-site scripting XSS vulnerability in the Object module's edit object details page in Liferay Portal 7.4.3.4 through 7.4.3.36 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into the object field's Label text field...

5.4CVSS5.8AI score0.00484EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:56 p.m.6 views

CVE-2022-43185

A stored cross-site scripting XSS vulnerability in the Configuration/Holidays module of Rukovoditel v3.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter...

5.4CVSS5.5AI score0.00961EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:52 p.m.12 views

CVE-2022-42112

A Cross-site scripting XSS vulnerability in the Portal Search module's Sort widget in Liferay Portal 7.2.0 through 7.4.3.24, and Liferay DXP 7.2 before fix pack 19, 7.3 before update 5, and DXP 7.4 before update 25 allows remote attackers to inject arbitrary web script or HTML via a crafted paylo...

5.4CVSS5.8AI score0.00484EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:39 p.m.4 views

CVE-2022-2099

The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles...

4.8CVSS7AI score0.00559EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:29 p.m.4 views

CVE-2022-1074

A vulnerability has been found in TEM FLEX-1085 1.6.0 and classified as problematic. Using the input HTML Injection in the WiFi settings of the dashboard leads to html injection...

5.4CVSS6.3AI score0.00424EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:28 p.m.4 views

CVE-2022-40434

Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page...

9.8CVSS9.3AI score0.01305EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:21 p.m.4 views

CVE-2022-39270

DiscoTOC is a Discourse theme component that generates a table of contents for topics. Users that can create topics in TOC-enabled categories and have sufficient trust level - configured in component's settings are able to inject arbitrary HTML on that topic's page. The issue has been fixed on th...

5.4CVSS5.6AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:16 p.m.7 views

CVE-2022-36527

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module...

5.4CVSS7.1AI score0.00413EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:14 p.m.3 views

CVE-2022-22293

admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAINMAXDECIMALSTOT parameter...

5.4CVSS6.6AI score0.00744EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.7 views

CVE-2022-36057

Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Users of Discourse Chat can be affected by admin users inserting HTML into chat titles and descriptions, causing a Cross-Site Scripting XSS attack. Version 0.9 contains a patch for this issue...

5.4CVSS5.9AI score0.00386EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:57 p.m.10 views

CVE-2022-32442

u5cms version 8.3.5 is vulnerable to Cross Site Scripting XSS. When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl 96502%27bad=", it can cause html injection...

6.1CVSS6.4AI score0.00726EPSS
Exploits1References1
Rows per page
Query Builder