CVE-2023-34869

PHPJabbers Catering System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /index.php?controller=pjAdmin&action=pjActionForgot...

CVE-2023-34869

PHPJabbers Catering System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /index.php?controller=pjAdmin&action=pjActionForgot...

Availability Booking Calendar PHP Cross Site Scripting Vulnerability

Availability Booking Calendar PHP is GZ Scripts open source an availability booking calendar system . Availability Booking Calendar PHP v1.0 version of a cross-site scripting vulnerability , the vulnerability stems from the file index.php parameter promocode on the user-supplied data lack of...

Sql injection

A vulnerability was found in Cafe Billing System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Order Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...

CVE-2023-3988 Cafe Billing System Order index.php sql injection

A vulnerability was found in Cafe Billing System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Order Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...

CVE-2023-3988

Cafe Billing System 1.0 contains an SQL injection in the Order Handler: index.php vulnerable when the id parameter is manipulated. The issue can be exploited remotely, with the exploit publicly disclosed (VDB-235609). The Connected documents do not provide a confirmed patch version or official mi...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promocode leads to cros...

CVE-2023-3969 GZ Scripts Availability Booking Calendar PHP HTTP POST Request index.php cross site scripting

A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promocode leads to cros...

CVE-2023-3873 Campcodes Beauty Salon Management System index.php sql injection

A vulnerability, which was classified as critical, has been found in Campcodes Beauty Salon Management System 1.0. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The...

CVE-2023-3694

A vulnerability, which was classified as critical, has been found in SourceCodester/projectworlds House Rental and Property Listing 1.0. This issue affects some unknown processing of the file /index.php. The manipulation of the argument keywords/location leads to sql injection. The attack may be...

Sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester House Rental and Property Listing 1.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument keywords/location leads to sql injection. The attack may be initiated...

Cross site scripting

A vulnerability was found in Nesote Inout Search Engine AI Edition 1.1. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. The associated...

CVE-2023-3685 Nesote Inout Search Engine AI Edition index.php cross site scripting

A vulnerability was found in Nesote Inout Search Engine AI Edition 1.1. It has been classified as problematic. This affects an unknown part of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. The associated...

CVE-2023-37189

A stored cross site scripting XSS vulnerability in index.php?menu=billingrates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Name or Prefix fields under the Create New Rate module...

CVE-2023-3564

A vulnerability was found in GZ Scripts GZ Multi Hotel Booking System 1.8. It has been classified as problematic. Affected is an unknown function of the file /index.php. The manipulation of the argument adults/children/calid leads to cross site scripting. It is possible to launch the attack...

CVE-2023-3562

A vulnerability has been found in GZ Scripts PHP CRM Platform 1.8 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack can be initiated remotely. The identifier of this...

Cross site scripting

A vulnerability has been found in GZ Scripts PHP CRM Platform 1.8 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack can be initiated remotely. The identifier of this...

GZ Scripts GZ Multi Hotel Booking System 跨站脚本漏洞

GZ Scripts GZ Multi Hotel Booking System is a hotel booking system from GZ Scripts. A cross-site scripting vulnerability exists in GZ Scripts GZ Multi Hotel Booking System, which stems from an unknown issue with /index.php...

CVE-2023-3564 GZ Scripts GZ Multi Hotel Booking System index.php cross site scripting

A vulnerability was found in GZ Scripts GZ Multi Hotel Booking System 1.8. It has been classified as problematic. Affected is an unknown function of the file /index.php. The manipulation of the argument adults/children/calid leads to cross site scripting. It is possible to launch the attack...

CVE-2023-3562

GZ Scripts PHP CRM Platform 1.8 is affected by CVE-2023-3562. The vulnerability arises from improper handling of the action parameter in /index.php, enabling cross-site scripting. Reports consistently cite remote feasibility via a network vector, with the root cause described as manipulation of a...