37 matches found
Maid Hiring Management System profile.php file cross-site scripting vulnerability
Maid Hiring Management System is a maid hiring management system. Maid Hiring Management System suffers from a cross-site scripting vulnerability in the file /admin/profile.php that stems from a lack of adequate validation and filtering of the input of the name parameter. No details of the...
PHPGurukul Maid Hiring Management System 代码注入漏洞
Maid Hiring Management System is a maid hiring management system. Maid Hiring Management System suffers from a cross-site scripting vulnerability in the file /admin/profile.php that stems from a lack of adequate validation and filtering of the input of the name parameter. No details of the...
CVE-2024-55100
A stored cross-site scripting XSS vulnerability in the component /admin/profile.php of Online Nurse Hiring System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the fullname parameter...
CVE-2024-53365
A stored cross-site scripting XSS vulnerability was identified in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/profile.php. This vulnerability allows authenticated users to inject malicious XSS scripts into the profile name field...
CVE-2024-11055
A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. This issue affects some unknown processing of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. The attack may be initiated...
1000 Projects Beauty Parlour Management System 注入漏洞
1000 Projects Beauty Parlour Management System is an open source beauty parlor management system from 1000 Projects. An injection vulnerability exists in version 1.0 of 1000 Projects Beauty Parlour Management System, which originates from the parameter adminname in the file...
Campcodes Complete Web-Based School Management System 安全漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which originates from an SQL injection vulnerability in the myindex...
Petrol Pump Management Software Cross-Site Scripting Vulnerability
Petrol Pump Management Software is a gasoline pump management software by mayurik individual developer. A cross-site scripting vulnerability exists in Petrol Pump Management Software version 1.0, which stems from a cross-site scripting issue in the /admin/app/profilecrud.php file...
Campcodes Beauty Salon Management System 跨站脚本漏洞
Campcodes Beauty Salon Management System is a beauty salon management system from Campcodes, Inc. A cross-site scripting vulnerability exists in Campcodes Beauty Salon Management System version 1.0, which stems from unknown processing in /admin/admin-profile.php, leading to cross-site scripting v...
PT-2023-26208 · Unknown · Bug Finder Foody Friend
Name of the Vulnerable Software and Affected Versions: Bug Finder Foody Friend version 1.0 Description: A problematic issue has been found in the Profile Picture Handler component, affecting some unknown functionality of the file /user/profile. The manipulation of the profile picture argument lea...
RemoteClinic SQL注入漏洞
Saad Irfan RemoteClinic is a Saad Irfan open source application. Provides the ability to remotely manage your clinic via the Web. A SQL injection vulnerability exists in RemoteClinic version 2.0, which originates from SQL injection and allows attackers to execute arbitrary commands and obtain...
CVE-2021-40303
perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...
Simple and Nice Shopping Cart Script 代码问题漏洞
Simple and Nice Shopping Cart Script is simple and nice PHP shopping cart script. Simple and Nice Shopping Cart Script suffers from a code issue vulnerability that stems from an unknown function in /mkshop/Men/profile.php, which can be exploited by an attacker to upload arbitrary files...
CVE-2020-35261
Cross Site Scripting XSS vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Restaurant Name field to /dashboard/profile.php...
CVE-2022-32378
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/getteacherprofile.php?myindex=...
Advanced School Management System SQL注入漏洞
Advanced School Management System is a school management system developed by Angel Jude Reyes Suarez. v1.0 of Advanced School Management System is vulnerable to SQL injection, which originates from /school/model /getparentsprofile.php?myindex=The page lacks validation of externally entered SQL...
CVE-2019-13078
Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /common/userprofile.php. The affected parameter is sortcolumn...