Lucene search
K

37 matches found

CNVD
CNVD
added 2024/12/30 12:0 a.m.2 views

Maid Hiring Management System profile.php file cross-site scripting vulnerability

Maid Hiring Management System is a maid hiring management system. Maid Hiring Management System suffers from a cross-site scripting vulnerability in the file /admin/profile.php that stems from a lack of adequate validation and filtering of the input of the name parameter. No details of the...

6.1CVSS3.9AI score0.00294EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/29 12:0 a.m.4 views

PHPGurukul Maid Hiring Management System 代码注入漏洞

Maid Hiring Management System is a maid hiring management system. Maid Hiring Management System suffers from a cross-site scripting vulnerability in the file /admin/profile.php that stems from a lack of adequate validation and filtering of the input of the name parameter. No details of the...

6.1CVSS3.9AI score0.00294EPSS
Exploits0References4
OSV
OSV
added 2024/12/16 9:15 p.m.2 views

CVE-2024-55100

A stored cross-site scripting XSS vulnerability in the component /admin/profile.php of Online Nurse Hiring System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the fullname parameter...

4.8CVSS5.9AI score0.00297EPSS
Exploits1References2
OSV
OSV
added 2024/11/26 5:15 p.m.5 views

CVE-2024-53365

A stored cross-site scripting XSS vulnerability was identified in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/profile.php. This vulnerability allows authenticated users to inject malicious XSS scripts into the profile name field...

5.4CVSS5.7AI score0.00364EPSS
Exploits1References2
OSV
OSV
added 2024/11/10 3:15 p.m.5 views

CVE-2024-11055

A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. This issue affects some unknown processing of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. The attack may be initiated...

9.8CVSS5.8AI score0.00628EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/11/10 12:0 a.m.4 views

1000 Projects Beauty Parlour Management System 注入漏洞

1000 Projects Beauty Parlour Management System is an open source beauty parlor management system from 1000 Projects. An injection vulnerability exists in version 1.0 of 1000 Projects Beauty Parlour Management System, which originates from the parameter adminname in the file...

9.8CVSS7.9AI score0.00628EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/05/06 12:0 a.m.3 views

Campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which originates from an SQL injection vulnerability in the myindex...

9.8CVSS7.9AI score0.00713EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/03/01 12:0 a.m.4 views

Petrol Pump Management Software Cross-Site Scripting Vulnerability

Petrol Pump Management Software is a gasoline pump management software by mayurik individual developer. A cross-site scripting vulnerability exists in Petrol Pump Management Software version 1.0, which stems from a cross-site scripting issue in the /admin/app/profilecrud.php file...

4.8CVSS6.2AI score0.00398EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/25 12:0 a.m.4 views

Campcodes Beauty Salon Management System 跨站脚本漏洞

Campcodes Beauty Salon Management System is a beauty salon management system from Campcodes, Inc. A cross-site scripting vulnerability exists in Campcodes Beauty Salon Management System version 1.0, which stems from unknown processing in /admin/admin-profile.php, leading to cross-site scripting v...

6.1CVSS4.6AI score0.00519EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/07/20 12:0 a.m.6 views

PT-2023-26208 · Unknown · Bug Finder Foody Friend

Name of the Vulnerable Software and Affected Versions: Bug Finder Foody Friend version 1.0 Description: A problematic issue has been found in the Profile Picture Handler component, affecting some unknown functionality of the file /user/profile. The manipulation of the profile picture argument lea...

8.8CVSS4.9AI score0.00457EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.4 views

RemoteClinic SQL注入漏洞

Saad Irfan RemoteClinic is a Saad Irfan open source application. Provides the ability to remotely manage your clinic via the Web. A SQL injection vulnerability exists in RemoteClinic version 2.0, which originates from SQL injection and allows attackers to execute arbitrary commands and obtain...

9.8CVSS9AI score0.00792EPSS
Exploits1References2
OSV
OSV
added 2022/11/08 6:15 p.m.4 views

CVE-2021-40303

perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...

5.4CVSS5.8AI score0.00505EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/08/20 12:0 a.m.3 views

Simple and Nice Shopping Cart Script 代码问题漏洞

Simple and Nice Shopping Cart Script is simple and nice PHP shopping cart script. Simple and Nice Shopping Cart Script suffers from a code issue vulnerability that stems from an unknown function in /mkshop/Men/profile.php, which can be exploited by an attacker to upload arbitrary files...

8.8CVSS8.2AI score0.00693EPSS
Exploits1References3
OSV
OSV
added 2022/07/15 12:15 p.m.4 views

CVE-2020-35261

Cross Site Scripting XSS vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Restaurant Name field to /dashboard/profile.php...

5.4CVSS5.8AI score0.00989EPSS
Exploits1References4
OSV
OSV
added 2022/06/15 7:15 p.m.5 views

CVE-2022-32378

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/getteacherprofile.php?myindex=...

7.2CVSS5.8AI score0.00909EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/06/15 12:0 a.m.4 views

Advanced School Management System SQL注入漏洞

Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getparentsprofile.php?myindex=The page lacks validation of externally entered SQL...

7.2CVSS5.9AI score0.00909EPSS
Exploits1References2
OSV
OSV
added 2019/11/06 3:15 p.m.4 views

CVE-2019-13078

Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /common/userprofile.php. The affected parameter is sortcolumn...

8.8CVSS7.5AI score0.01235EPSS
Exploits0References2
Rows per page
Query Builder