CVE-2022-31913

Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting XSS via /odfs/classes/Master.php?f=savecategory, name...

CVE-2022-31910

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

CVE-2022-31911

Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=deleteteam...

CVE-2022-31906

Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting XSS via /ofrs/classes/Master.php...

CVE-2022-31910

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

CVE-2022-31910

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

CVE-2022-31906

Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting XSS via /ofrs/classes/Master.php...

Cross site scripting

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

Cross site scripting

Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting XSS via /ofrs/classes/Master.php...

CVE-2022-31912

Online Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=deleteteam...

CVE-2022-31912

Online Tutor Portal Site v1.0 is affected by SQL Injection in the /otps/classes/Master.php?f=delete_team path. The issue stems from missing SQL data filtering/escaping, enabling an attacker to potentially access or modify database data. Connected records (RH:CVE-2022-31912, NVD/CVE-2022-31912, CN...

CVE-2022-31910

The CVE-2022-31910 entry concerns Online Tutor Portal Site v1.0 with a Cross-Site Scripting (XSS) vulnerability exploitable via /otps/classes/Master.php. The issue arises from lack of filtering/escaping of parameter data, enabling client-side JavaScript execution. Multiple connected sources (e.g....

CVE-2022-31910

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

CVE-2022-32359

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=deletecategory...

CVE-2022-32348

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=deletedoctor...

CVE-2022-32352

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=deletepatientadmission...

Fast Food Ordering System SQL注入漏洞

Fast Food Ordering System, a fast food ordering system from Carlo Montero's personal developer, is vulnerable to a SQL injection vulnerability in version 1.0 of Fast Food Ordering System, which originates in /ffos/classes/Master.php?f=delete category page lacks validation of externally entered SQ...

Fast Food Ordering System 路径遍历漏洞

Fast Food Ordering System is a fast food ordering system from Carlo Montero's personal developer. version 1.0 of Fast Food Ordering System is vulnerable to an arbitrary file deletion vulnerability, which originates in /ffos/classes/Master.php?f=deleteimg page lacks valid validation and can be...

Badminton Center Management System SQL注入漏洞（CNVD-2022-44733）

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. Badminton Center Management System v1.0 provides an online and automated platform for badminton centers to manage their daily transactions and records. An SQL injection vulnerabilit...

Cross site scripting

A vulnerability classified as problematic has been found in Fast Food Ordering System 1.0. Affected is the file Master.php of the Master List. The manipulation of the argument Description with the input foo " leads to cross site scripting. It is possible to launch the attack remotely but it...