25 matches found
MedDream PACS Premium emailfailedjob reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2255 MedDream PACS Premium emailfailedjob reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54495 SUMMARY A reflected cross-site scripting xss vulnerability exists in the emailfailedjob functionality of MedDream PACS Premiu...
EUVD-2014-8136
Malware in sbrugna...
CVE-2014-8295
SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote attackers to execute arbitrary SQL commands via the jobid parameter...
CVE-2025-28402
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameter...
CVE-2025-28402
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameter...
CVE-2025-28402
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameter...
CVE-2025-28402
Consolidated details: CVE-2025-28402 affects RUoYi v4.8.0 and allows a remote attacker to escalate privileges via the jobId parameter. Connected sources confirm the issue; no official patch/version fix is documented in the provided connected documents. PT-2025-15243 notes there is no information ...
PT-2025-15243 · Ruoyi · Ruoyi
Name of the Vulnerable Software and Affected Versions: RUoYi version 4.8.0 Description: An issue in RUoYi allows a remote attacker to escalate privileges via the jobId parameter. Recommendations: For RUoYi version 4.8.0, consider restricting access to the jobId parameter to minimize the risk of...
CVE-2025-25189
The ZOO-Project is an open source processing platform. A reflected Cross-Site Scripting vulnerability exists in the ZOO-Project Web Processing Service WPS publish.py CGI script prior to commit 7a5ae1a. The script reflects user input from the jobid parameter in its HTTP response without proper HTM...
CVE-2025-25189 [XBOW-025-031] Reflected Cross-Site Scripting via jobid Parameter in ZOO-Project WPS publish.py CGI Script
The ZOO-Project is an open source processing platform. A reflected Cross-Site Scripting vulnerability exists in the ZOO-Project Web Processing Service WPS publish.py CGI script prior to commit 7a5ae1a. The script reflects user input from the jobid parameter in its HTTP response without proper HTM...
CVE-2025-25189 [XBOW-025-031] Reflected Cross-Site Scripting via jobid Parameter in ZOO-Project WPS publish.py CGI Script
The ZOO-Project is an open source processing platform. A reflected Cross-Site Scripting vulnerability exists in the ZOO-Project Web Processing Service WPS publish.py CGI script prior to commit 7a5ae1a. The script reflects user input from the jobid parameter in its HTTP response without proper HTM...
PT-2025-6112 · Unknown · Zoo-Project
Name of the Vulnerable Software and Affected Versions: ZOO-Project versions prior to commit 7a5ae1a Description: The issue is related to a reflected Cross-Site Scripting vulnerability in the ZOO-Project Web Processing Service WPS publish.py CGI script. This vulnerability occurs because the script...
ZOO-Project 跨站脚本漏洞
ZOO-Project is an open source processing platform from ZOO-Project Open Source. ZOO-Project suffers from a cross-site scripting vulnerability that stems from the publish.py CGI script reflecting user input for the jobid parameter directly into the HTTP response without HTML coding or cleanup...
CVE-2024-8471
Cross-Site Scripting XSS vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through JOBID and USERNAME parameters in /jobportal/process.php...
PHPGurukul Job Portal 跨站脚本漏洞
PHPGurukul Job Portal is a PHP-based job search website system from PHPGurukul. A cross-site scripting vulnerability exists in PHPGurukul Job Portal version 1.0, which originates from the JOBID and USERNAME parameters in /jobportal/process.php...
CVE-2023-41015
code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via /Employer/DeleteJob.php?JobId=1...
Cisco Data Center Network Manager deleteVpcHistory SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2017-9603
SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php...
CVE-2017-9603
SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php...
CVE-2017-9603
SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php...