2300 matches found
CVE-2023-37527
A reflected cross-site scripting XSS vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code in the application session or in database, via remote injection, while rendering content in a web page...
CVE-2023-37527
A reflected cross-site scripting XSS vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code in the application session or in database, via remote injection, while rendering content in a web page...
Cross site scripting
A reflected cross-site scripting XSS vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code in the application session or in database, via remote injection, while rendering content in a web page...
CVE-2023-37527
CVE-2023-37527 describes a reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform . The issue can allow an attacker to execute malicious JavaScript in the application session or database via remote injection while rendering content on a web page. Th...
CVE-2023-37527 A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform
A reflected cross-site scripting XSS vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code in the application session or in database, via remote injection, while rendering content in a web page...
SUSE CVE-2021-33829
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
CVE-2024-0730
A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file courseajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-0460
A vulnerability was found in code-projects Faculty Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/pages/student-print.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...
Judging Management System security breach
Judging Management System is a judging management system by Carlo Montero Personal Developer. A security vulnerability exists in Sourcecodester Judging Management System v1.0, which stems from an SQL injection vulnerability that allows remote attackers to execute arbitrary code and obtain sensiti...
CVE-2024-0280
A vulnerability has been found in Kashipara Food Management System up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file itemtypesubmit.php. The manipulation of the argument typename leads to sql injection. The attack can be launched remotely...
CVE-2023-7172
A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Dashboard. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been...
PT-2023-32909 · Unknown · Shifuml Shifu
Name of the Vulnerable Software and Affected Versions: ShifuML shifu version 0.12.0 Description: A critical vulnerability has been found in the Java Expression Language Handler component, specifically in the file src/main/java/ml/shifu/shifu/core/DataPurifier.java. The manipulation of the...
PT-2023-32847 · Byzoro +1 · Byzoro S210 +1
Name of the Vulnerable Software and Affected Versions: Byzoro S210 up to 20231210 Beijing Baichuo S210 up to 20231210 Description: A critical issue has been discovered, affecting an unknown function of the file /importexport.php. The manipulation of the sql argument leads to injection. This issue...
CVE-2023-6772
A vulnerability, which was classified as critical, was found in OTCMS 7.01. Affected is an unknown function of the file /admin/indbackstage.php. The manipulation of the argument sqlContent leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2023-48206
A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...
CVE-2023-6402
A vulnerability, which was classified as critical, was found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2023-47094
A Stored Cross-Site Scripting XSS vulnerability in the Account Plans tab of System Settings in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Plan name field while editing Account plan details...
DEBIAN-CVE-2023-46490
SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in the managers.php function...
CVE-2022-48612
A Universal Cross Site Scripting UXSS vulnerability in ClassLink OneClick Extension through 10.7 allows remote attackers to inject JavaScript into any webpage, because a regular expression validating whether a URL is controlled by ClassLink is not present in all applicable places...
PT-2023-32133 · Byzoro · Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform
Name of the Vulnerable Software and Affected Versions: Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform versions up to 20230928 Description: A critical issue affects some unknown functionality of the file /log/download.php, where the manipulation of the file argument...