CVE-2024-32236

An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component...

PT-2024-24468 · Cmseasy · Cmseasy

Name of the Vulnerable Software and Affected Versions: CmsEasy versions 7.7 and earlier Description: The issue allows a remote attacker to obtain sensitive information via the update function in the "index.php" component. Recommendations: For CmsEasy versions 7.7 and earlier, update to a version...

CVE-2024-32236

CmsEasy CVE-2024-32236 affects CmsEasy v7.7 and earlier. The issue resides in the update function of the index.php component, enabling a remote attacker to obtain sensitive information (information disclosure). Affected versions should be updated to a version later than 7.7 to resolve the issue. ...

CVE-2024-32236

An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component...

CVE-2024-32206

A stored cross-site scripting XSS vulnerability in the component \affiche\admin\index.php of WUZHICMS v4.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $formdata parameter...

CVE-2024-3535 Campcodes Church Management System index.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Church Management System 1.0. This affects an unknown part of the file /admin/index.php. The manipulation of the argument password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-3526

A vulnerability has been found in Campcodes Online Event Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument msg leads to cross site scripting. The attack can be launched remotely...

CVE-2024-3526

A vulnerability has been found in Campcodes Online Event Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument msg leads to cross site scripting. The attack can be launched remotely...

CVE-2024-3526 Campcodes Online Event Management System index.php cross site scripting

A vulnerability has been found in Campcodes Online Event Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument msg leads to cross site scripting. The attack can be launched remotely...

CVE-2024-3525 Campcodes Online Event Management System index.php cross site scripting

A vulnerability, which was classified as problematic, was found in Campcodes Online Event Management System 1.0. Affected is an unknown function of the file /views/index.php. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2024-3523

A vulnerability classified as critical was found in Campcodes Online Event Management System 1.0. This vulnerability affects unknown code of the file /views/index.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...

CVE-2024-3364 SourceCodester Online Library System index.php cross site scripting

A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The explo...

CVE-2024-3364 SourceCodester Online Library System index.php cross site scripting

A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The explo...

CVE-2024-3363 SourceCodester Online Library System index.php sql injection

A vulnerability was found in SourceCodester Online Library System 1.0. It has been classified as critical. This affects an unknown part of the file admin/borrowed/index.php. The manipulation of the argument BookPublisher/BookTitle leads to sql injection. It is possible to initiate the attack...

CVE-2024-3360 SourceCodester Online Library System index.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Online Library System 1.0. Affected is an unknown function of the file admin/books/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

CVE-2024-3358

A vulnerability classified as problematic was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument to leads to cross site scripting. The attack can be initiated remotely. The...

CVE-2024-3353 SourceCodester Aplaya Beach Resort Online Reservation System index.php sql injection

A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/modreports/index.php. The manipulation of the argument categ/end leads to sql injection. The attack may be initiat...

CVE-2024-31008

An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file...

CVE-2024-31008

An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file...

CVE-2024-31008

An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file...