CVE-2026-9564

A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/viewpatient. Performing a manipulation of the argument Remarks results in cross site scripting. Remote exploitation ...

CVE-2025-13349

A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack ...

CVE-2024-42939

A cross-site scripting XSS vulnerability in the component /index/index.html of YZNCMS v1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the configured remarks text field...

PT-2024-30211 · Yzncms · Yzncms

Name of the Vulnerable Software and Affected Versions: YZNCMS version 1.4.2 Description: A cross-site scripting XSS issue in the /index/index.html component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the configured remarks text field...

CVE-2024-35583

A cross-site scripting XSS vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field...

Laboratory Management System 安全漏洞

Laboratory Management System is a laboratory management system by oretnom23 individual developer. A security vulnerability exists in Laboratory Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into...

PT-2024-26560 · Sourcecodester · Sourcecodester Computer Laboratory Management System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Laboratory Management System version 1.0 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field. Recommendations: For...

CVE-2024-31544

A stored cross-site scripting XSS vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrowername”, “facultydepartment” parameters in /classes/Master.php?f=saverecord...

CVE-2022-44830

Sourcecodester Event Registration App v1.0 was discovered to contain multiple CSV injection vulnerabilities via the First Name, Contact and Remarks fields. These vulnerabilities allow attackers to execute arbitrary code via a crafted excel file...

PT-2022-27319 · Sourcecodester · Sourcecodester Event Registration App

Name of the Vulnerable Software and Affected Versions: Sourcecodester Event Registration App version 1.0 Description: The issue concerns multiple CSV injection vulnerabilities found in the Sourcecodester Event Registration App. These vulnerabilities are exploited via the First Name, Contact, and...

Event Registration App 安全漏洞

Event Registration App is a JavaScript application for registering event participants by Carlo Montero Personal Developer. A CSV injection vulnerability exists in Carlo Montero Event Registration App v1.0, which stems from improper use of the formula elements of the First Name, Contact, and Remar...

Sanitization Management System 安全漏洞

Sanitization Management System is a sanitization management system developed by Carlo Montero. A security vulnerability exists in Sanitization Management System version 1.0, which is a cross-site scripting vulnerability due to manipulation of the parameter "Manage Remarks"...

Wedding Hall Booking System 跨站脚本漏洞

Wedding Hall Booking System is a simple PHP-titled wedding hall booking system by the individual developer Carlo Montero. Wedding Hall Booking System suffers from a cross-site scripting vulnerability that stems from the manipulation of the parameter Remarks by an unknown function of the Booking...

CVE-2020-36011

A cross-site scripting XSS issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field...

Cross site scripting

A cross-site scripting XSS issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field...