Home Clean Services Management System Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Home Clean Services Management System version 1.0, which originates from register.php?link=register and fails to properly filter the special elements of the construction snippet. An attacker could exploit this vulnerability to cause arbitrary code...
Home Clean Services Management System Cross-Site Scripting Vulnerability
Home Clean Services Management System is a home cleaning service system. Version 1.0 of Home Clean Services Management System is vulnerable to a cross-site scripting vulnerability that originates in register.php?link=register and lacks checksum filtering of user-supplied data and a lack of data...
GHSA-GJCJ-FJ23-5J5V GeniXCMS SQL injection vulnerability
SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...
GeniXCMS SQL injection vulnerability
SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...
GHSA-2M9R-PM7Q-WR6F GeniXCMS denial of service (account blockage)
GeniXCMS before 1.1.0 allows remote attackers to cause a denial of service (account blockage) by leveraging the mishandling of certain username substring relationships, such as the admin username versus the admin username, related to register.php, User.class.php, and Type.class.php...
GeniXCMS Mailbox validation logic vulnerability
GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger MSGUSEREMAILEXIST protection mechanism via a register.php?act=edit&id=1 request...
GHSA-559C-W54X-8342 GeniXCMS Mailbox validation logic vulnerability
GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger MSGUSEREMAILEXIST protection mechanism via a register.php?act=edit&id=1 request...
CVE-2022-27352
Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability via /app/register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-25114
Event Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the fullname parameter under register.php...
Cross-site scripting
Event Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the fullname parameter under register.php...
CVE-2022-25114
The CVE-2022-25114 entry concerns Event Management v1.0, with a reflected XSS weakness in the full_name field of register.php. Affected software is Event Management (v1.0) as described in multiple sources; root cause is unsafe handling/echo of user-supplied input in the registration form, enablin...
CVE-2021-44091
A Cross-Site Scripting (XSS) vulnerability exists in Courcecodester Multi Restaurant Table Reservation System 1.0 in register.php via the (1) fullname, (2) phone, and (3) address parameters...
CVE-2021-44091
CVE-2021-44091 targets SourceCodester/Courcecodester Multi Restaurant Table Reservation System 1.0. The XSS vulnerability occurs in register.php via the fullname, phone and address parameters, allowing injection of client-side code. Public documentation from multiple sources (CNVD/CNNVD, NVD/CVE...
SQL injection
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a SQL statement. Users are advised to...
CVE-2022-21643
CVE-2022-21643 concerns USOC, an open-source CMS. The vulnerability is a SQL injection in register.php triggered by unsanitized user inputs (username, email, password) used to construct SQL statements. Affected versions are susceptible; upgrade is advised and there are no documented workarounds i...
CVE-2022-21643 SQL Injection in USOC
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a SQL statement. Users are advised to...
CVE-2020-20797
FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability in /account/register.php...