CVE-2023-30545

PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, it is possible for a user with access to the SQL Manager Advanced Options - Database to arbitrarily read any file on the operating system when using SQL function LOADFILE in a SELECT request. This gives...

PT-2023-25230 · Unknown · Gz Scripts Ticket Booking Script

Name of the Vulnerable Software and Affected Versions: GZ Scripts Ticket Booking Script version 1.8 Description: A problematic issue has been found in the software, affecting some unknown functionality of the file /load.php. The manipulation of the arguments first name, second name, phone, addres...

Availability Booking Calendar PHP 跨站脚本漏洞

Availability Booking Calendar PHP is a GZ Scripts open source availability booking calendar system . A cross-site scripting vulnerability exists in GZ Scripts Availability Booking Calendar PHP version 1.8, which stems from the parameter cid/firstname/secondname/address1/country in the file load.p...