Cross site scripting

Zstore v6.6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /index.php...

CVE-2023-24648

Zstore v6.6.0 has an XSS vulnerability in the component /index.php. The issue is described as CVSS v3.1 base score 6.1 (Medium) with Network attack vector, low confidentiality/integrity impact, no availability impact; user interaction required. The vulnerability is tied to the /index.php entry po...

CVE-2023-24648

Zstore v6.6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /index.php...

Online Food Ordering System index.php Cross-Site Scripting Vulnerability

Online Food Ordering System is an online food ordering system. A cross-site scripting vulnerability exists in Online Food Ordering System, which is caused by a lack of effective filtering and escaping of user-supplied data in the page parameter of index.php page, which can be exploited by attacke...

CVE-2015-10074 OpenSeaMap online_chart index.php init cross site scripting

A vulnerability was found in OpenSeaMap onlinechart 1.2. It has been classified as problematic. Affected is the function init of the file index.php. The manipulation of the argument mtext leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version staging is...

CVE-2023-24195

Online Food Ordering System v2 was discovered to contain a cross-site scripting XSS vulnerability via the page parameter in index.php...

Cross site scripting

Online Food Ordering System v2 was discovered to contain a cross-site scripting XSS vulnerability via the page parameter in index.php...

Design/Logic Flaw

Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php...

CVE-2023-24202

Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php...

CVE-2023-24202

Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php...

CVE-2023-24202

CVE-2023-24202 affects Raffle Draw System v1.0, whose vulnerability is a local file inclusion (LFI) via the page parameter in index.php. The cited sources consistently describe an LFI issue that could allow an attacker to access or include local files, potentially leading to data exposure or code...

CVE-2023-24195

Online Food Ordering System v2 was discovered to contain a cross-site scripting XSS vulnerability via the page parameter in index.php...

PT-2023-19470 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version v2 Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability can be exploited via the page parameter in the "index.php" endpoint. Recommendations: For Online Food...

CVE-2023-24195

Online Food Ordering System v2 was discovered to contain a cross-site scripting XSS vulnerability via the page parameter in index.php...

CVE-2022-48175

Rukovoditel v3.2.1 was discovered to contain a remote code execution RCE vulnerability in the component /rukovoditel/index.php?module=dashboard/ajaxrequest...

CVE-2022-48175

Rukovoditel v3.2.1 was discovered to contain a remote code execution RCE vulnerability in the component /rukovoditel/index.php?module=dashboard/ajaxrequest...

Cross-site Scripting (XSS)

thorsten/phpmyfaq is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to missing checks on redirect values in index.php, allowing an attacker to inject and execute malicious JavaScript...

Sql injection

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...

CVE-2023-0562 PHPGurukul Bank Locker Management System Login index.php sql injection

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...

CVE-2022-48012

Opencats v0.9.7 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /opencats/index.php?m=settings&a=ajaxtagsupd...