846 matches found
CVE-2024-8366
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?id=userProfileEdit of the component Update My Profile Page. The manipulation of the argument fname/lname/email with the input alert...
Sweet-CMS SQL Injection Vulnerability
Sweet-CMS is a high performance backend management system built on a powerful technology stack of Gin, GORM, Redis, Casbin, Viper, etc. by the individual developer master-nan. Sweet-CMS 5f441e022b8876f07cde709c77b5be6d2f262e3f and prior versions suffer from a SQL injection vulnerability that originat...
PT-2024-38877 · Unknown · Code-Projects Online Quiz Site
Name of the Vulnerable Software and Affected Versions: code-projects Online Quiz Site version 1.0 Description: A critical issue affects the processing of the file index.php, where the manipulation of the loginid argument leads to SQL injection. The attack can be initiated remotely. The exploit ha...
CVE-2024-33978
Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session cookie details via the 'category' parameter in '/index.php'...
CVE-2024-7496
A vulnerability has been found in itsourcecode Airline Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack can be initiated remotely. The exploit has been...
PT-2024-38386 · Unknown · Airline Reservation System
Name of the Vulnerable Software and Affected Versions: Airline Reservation System version 1.0 Description: A critical issue has been found in the Airline Reservation System, affecting the /index.php file. The manipulation of the page argument leads to file inclusion. This issue can be exploited...
PayPal,Credit Card and Debit Card Payment Cross-Site Scripting Vulnerability
PayPal,Credit Card and Debit Card Payment is PayPal, credit card and debit card payment software by the individual developer janobe. A cross-site scripting vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can create a specially crafted URL and send it to the...
CVE-2024-7163
A vulnerability, which was classified as problematic, was found in SeaCMS 12.9. This affects an unknown part of the file /js/player/dmplayer/player/index.php. The manipulation of the argument color/vid/url leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit...
PT-2024-37729 · WordPress · Intelligence Plugin
Name of the Vulnerable Software and Affected Versions: Intelligence plugin for WordPress versions up to, and including, 1.4.0 Description: The issue allows unauthenticated attackers to retrieve the full path of the web application, which can aid other attacks. This is due to the plugin not...
CVE-2024-6898
A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file index.php. The manipulation of the argument UserName leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been...
PT-2024-37939 · Unknown · Sourcecodester Record Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Record Management System version 1.0 Description: A critical issue has been found, affecting an unknown part of the file index.php. The manipulation of the UserName argument leads to SQL injection. It is possible to initiate th...
VulnCheck KEV: CVE-2021-44892
A Remote Code Execution (RCE) vulnerability exists in ThinkPHP 3.x.x via valuefilename in index.php, which could let a malicious user obtain server control privileges...
playSMS Injection Vulnerability
playSMS is an open source SMS (Short Message Service) management software from Anton Raharja, an individual developer in India. An injection vulnerability exists in playSMS version 1.4.3, which stems from an issue in the /index.php?app=main&inc=featurefirewall&op=firewalllist file of the Template...
CVE-2024-6308
A vulnerability was found in itsourcecode Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username leads to SQL injection. The attack can be initiated remotely. The exploi...
Simple Online Hotel Reservation System Security Vulnerability
Simple Online Hotel Reservation System is an online hotel reservation system. A security vulnerability exists in Simple Online Hotel Reservation System version 1.0, which originates from the username parameter in the file index.php and can lead to SQL injection...
CodeProjects Restaurant Reservation System Cross-Site Scripting Vulnerability
CodeProjects Restaurant Reservation System is a PHP-based restaurant reservation system. A cross-site scripting vulnerability exists in CodeProjects Restaurant Reservation System v1.0, in the Date parameter of index.php...
Pool of Bethesda Online Reservation System SQL Injection Vulnerability
Pool of Bethesda Online Reservation System is a swimming pool online reservation system by the individual developer janobe. A SQL injection vulnerability exists in Pool of Bethesda Online Reservation System version 1.0, which stems from the logemail parameter in the file index.php and can lead to SQL...
CVE-2024-6065
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument useremail leads to SQL injection. The attack may be initiated remotely. The exploit has be...
PT-2024-37359 · Itsourcecode · Itsourcecode Bakery Online Ordering System
Name of the Vulnerable Software and Affected Versions: itsourcecode Bakery Online Ordering System version 1.0 Description: A critical issue affects the processing of the file index.php, where the manipulation of the user email argument leads to SQL injection. The attack can be initiated remotely...
PT-2024-37140 · Unknown · Sourcecodester Stock Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Stock Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Stock Management System, affecting an unknown functionality of the file index.php of the component Login. The...