Cross site scripting
eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /scheduler/index.php...
CVE-2023-3062
A vulnerability was found in code-projects Agro-School Management System 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument password leads to sql injection. It is possible to launch the attack remotely. The identifier o...
Sql injection
A vulnerability was found in code-projects Agro-School Management System 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument password leads to sql injection. It is possible to launch the attack remotely. The identifier o...
CVE-2023-3062 code-projects Agro-School Management System index.php sql injection
A vulnerability was found in code-projects Agro-School Management System 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument password leads to sql injection. It is possible to launch the attack remotely. The identifier o...
CVE-2023-3062
CVE-2023-3062 concerns code-projects Agro-School Management System v1.0. The vulnerability affects an unknown function in index.php where manipulating the password parameter leads to a SQL injection, enabling remote exploitation. Multiple sources (NVD/Red Hat/CVE listing) corroborate the critical...
Path traversal
A vulnerability was found in YFCMF up to 3.0.4. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
CVE-2023-3056 YFCMF index.php path traversal
A vulnerability was found in YFCMF up to 3.0.4. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
CVE-2023-3056 YFCMF index.php path traversal
A vulnerability was found in YFCMF up to 3.0.4. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
YFCMF security vulnerability
YFCMF is a software application. It provides a lightweight enterprise website management system. A security vulnerability exists in YFCMF before 3.0.4, which stems from unknown code in index.php that causes path traversal...
PT-2023-22332 · Sourcecodester · Sourcecodester Faculty Evaluation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Faculty Evaluation System version 1.0 Description: A critical issue has been found in the SourceCodester Faculty Evaluation System, affecting some unknown functionality of the file "index.php?page=edit user". The manipulation o...
CVE-2023-2922
A vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack...
CVE-2023-2922 SourceCodester Comment System GET Parameter index.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack...
CVE-2023-2922
CVE-2023-2922 affects SourceCodester Comment System 1.0. The vulnerability is in the index.php file, within the GET Parameter Handler, where tampering with the msg parameter triggers cross-site scripting. Exploitation is possible remotely and has been disclosed publicly. Several connected sources corr...
CVE-2023-29720
SofaWiki <=3.8.9 is vulnerable to Cross Site Scripting (XSS) via index.php...
Cross site scripting
SofaWiki <=3.8.9 is vulnerable to Cross Site Scripting (XSS) via index.php...
CVE-2023-2799 cnoa OA hard-coded password
A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5. Affected by this issue is some unknown functionality of the file /index.php?app=main&func=passport&action=login. The manipulation leads to use of hard-coded password. The exploit has been disclosed to t...
CVE-2023-29720
SofaWiki <=3.8.9 is vulnerable to Cross Site Scripting (XSS) via index.php...
CVE-2023-29720
SofaWiki <=3.8.9 is vulnerable to Cross Site Scripting (XSS) via index.php...
CVE-2023-29720
SofaWiki
SofaWiki cross-site scripting vulnerability
SofaWiki is a CMS built on PHP. A cross-site scripting vulnerability exists in SofaWiki 3.8.9 and earlier versions, which stems from the lack of effective filtering and escaping of user-supplied data in index.php, and can be exploited by an attacker to execute arbitrary web script or HTML by...