7208 matches found
CVE-2024-10433
A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Name/Comment leads to cross site scripting. The attack may be launched...
CVE-2024-10433 Project Worlds Simple Web-Based Chat Application index.php cross site scripting
A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Name/Comment leads to cross site scripting. The attack may be launched...
CVE-2024-10433
The CVE-2024-10433 issue affects Project Worlds Simple Web-Based Chat Application 1.0. The vulnerability is a cross-site scripting flaw in the /index.php page, triggered by manipulating the Name/Comment parameter. It is described as exploitable remotely, with public disclosure of exploits. The av...
CVE-2024-10433 Project Worlds Simple Web-Based Chat Application index.php cross site scripting
A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Name/Comment leads to cross site scripting. The attack may be launched...
CVE-2024-10432 Project Worlds Simple Web-Based Chat Application index.php sql injection
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument username leads to sql injection. The attack can be launched...
CVE-2024-10348 SourceCodester Best House Rental Management System Manage Tenant Details index.php cross site scripting
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the component Manage Tenant Details. The manipulation of the argument Last Name/First Name/Middle Name...
CVE-2024-10348 SourceCodester Best House Rental Management System Manage Tenant Details index.php cross site scripting
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the component Manage Tenant Details. The manipulation of the argument Last Name/First Name/Middle Name...
CVE-2024-10286
Cross-Site Scripting XSS vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /testmail/index.php, parameter to...
CVE-2024-48623
DomainMOD
CVE-2024-48623
In queue\index.php of DomainMOD below v4.12.0, the listid and domainid parameters in the GET request can be exploited to cause a reflected Cross Site Scripting XSS...
CVE-2024-43365 Stored Cross-site Scripting (XSS) when creating external links in Cacti
Cacti is an open source performance and fault management framework. Theconsolenewsection parameter is not properly sanitized when saving external links in links.php . Morever, the said consolenewsection parameter is stored in the database and reflected back to user in index.php, finally leading t...
CVE-2024-43365 Stored Cross-site Scripting (XSS) when creating external links in Cacti
Cacti is an open source performance and fault management framework. Theconsolenewsection parameter is not properly sanitized when saving external links in links.php . Morever, the said consolenewsection parameter is stored in the database and reflected back to user in index.php, finally leading t...
CVE-2024-9460 Codezips Online Shopping Portal index.php sql injection
A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...
Pagekit Cross-site Scripting vulnerability
Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...
GHSA-XW32-6422-FRQM Pagekit Cross-site Scripting vulnerability
Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...
CVE-2024-45967
Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...
CVE-2024-45967
Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...
CVE-2024-45967
Pagekit 1.0.18 is vulnerable to Cross Site Scripting XSS in index.php/admin/site/widget...
CVE-2024-9326 PHPGurukul Online Shopping Portal Admin Panel index.php sql injection
A vulnerability classified as critical was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /shopping/admin/index.php of the component Admin Panel. The manipulation of the argument username leads to sql injection. The attack can be initiated...
CVE-2024-9091 code-projects Student Record System index.php sql injection
A vulnerability was found in code-projects Student Record System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument regno leads to sql injection. The attack can be launched remotely. The exploi...