
2300 matches found

CNNVD
added 2022/10/06 12:0 a.m. · 6 views

Simple Cold Storage Management System SQL injection vulnerability

Simple Cold Storage Management System is a cold storage management system. Simple Cold Storage Management System /csms/classes/Master.php?f=deletemessage SQL injection vulnerability can be exploited by a remote attacker to submit a specially crafted SQL request to manipulate a database, obtain...

CVSS 7.2 · AI score 8.2 · EPSS 0.00854
Exploits 1 · References 2

CNNVD
added 2022/09/28 12:0 a.m. · 4 views

Smart eVision cross-site scripting vulnerability

Smart eVision Information Technology Smart eVision is a business intelligence platform of China Union Quan Information Technology Smart eVision Information Technology Company. It can integrate business management rooms, dashboards, reports, and input interfaces for business operations management...

CVSS 6.1 · AI score 6.2 · EPSS 0.00494
Exploits 0 · References 2

CNNVD
added 2022/09/14 12:0 a.m. · 2 views

Hospital Information System SQL injection vulnerability

Hospital Information System is a hospital information management system organized by SourceCode and Projects. A SQL injection vulnerability exists in Hospital Information System version 1.0 that originates from a remote SQL injection that allows bypassing authentication...

CVSS 9.8 · AI score 7.3 · EPSS 0.02081
Exploits 2 · References 5

ATTACKERKB
added 2022/08/18 8:15 a.m. · 1 views

CVE-2022-30604

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...

CVSS 6.1 · AI score 5.9 · EPSS 0.00546
Exploits 0 · References 3 · Affected Software 1

CNNVD
added 2022/08/11 12:0 a.m. · 4 views

Apartment Visitor Management System SQL injection vulnerability

Apartment Visitor Management System is an Apartment Visitor Management System by Carlo Montero Personal Developer. Apartment Visitor Management System suffers from a SQL injection vulnerability that stems from some unknown functionality in the file action-visitor.php being affected, where...

CVSS 9.8 · AI score 8.3 · EPSS 0.00466
Exploits 0 · References 2

CNNVD
added 2022/08/08 12:0 a.m. · 5 views

Online Class and Exam Scheduling System SQL injection vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. Online Class and Exam Scheduling System 1.0 suffers from a SQL injection vulnerability that originates from an unknown function in the file /pages/facultysched.php being affected. The operation parameter facult...

CVSS 9.8 · AI score 8.2 · EPSS 0.00613
Exploits 1 · References 3

Positive Technologies
added 2022/08/05 12:0 a.m. · 4 views

PT-2022-18025 · Sourcecodester · Sourcecodester Garage Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Garage Management System, affected versions not specified.
Description: A critical issue has been found in the SourceCodester Garage Management System, allowing for SQL injection through the manipulation of the userName/uemail...

CVSS 8.8 · AI score 9 · EPSS 0.00465
Exploits 0 · References 3

OSV
added 2022/07/23 7:15 a.m. · 5 views

CVE-2016-15004

A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to version 1.6.1.1 is able to address this issue. ...

CVSS 9.8 · AI score 5.5 · EPSS 0.01346
Exploits 1 · References 3

Vulnrichment
added 2022/07/23 6:45 a.m. · 9 views

CVE-2016-15004 InfiniteWP Client Plugin injection

A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Upgrading to version 1.6.1.1 is able to address this issue. ...

CVSS 7.3 · AI score 7.3 · EPSS 0.01346
Exploits 1 · References 3

CNNVD
added 2022/07/23 12:0 a.m. · 4 views

Revmakx InfiniteWP Client Plugin injection vulnerability

Revmakx InfiniteWP Client Plugin is a self-hosted system from Revmakx India that allows users to manage an unlimited number of WordPress sites from their own server. An injection vulnerability exists in Revmakx InfiniteWP Client Plugin version 1.5.1.3/1.6.0, the vulnerability stems from the affected ...

CVSS 9.8 · AI score 8.2 · EPSS 0.01346
Exploits 1 · References 4

CNNVD
added 2022/07/01 12:0 a.m. · 3 views

TypeORM SQL injection vulnerability

TypeORM is an excellent Node.js ORM framework. The goal of the software is to maintain support for the latest JavaScript features, with the following features: (1) to provide one-to-one, many-to-one, one-to-many, many-to-many relational processing of tables; (2) to help develop a variety of...

CVSS 9.8 · AI score 8.4 · EPSS 0.20299
Exploits 6 · References 7

CNNVD
added 2022/06/24 12:0 a.m. · 2 views

WordPress Plugin WP-Filebase Download Manager cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Plugin WP-Filebase Download Manager version 3.4.4 contains a cross-site scripting...

CVSS 6.1 · AI score 5.7 · EPSS 0.00599
Exploits 1 · References 3

Positive Technologies
added 2022/06/16 12:0 a.m. · 4 views

PT-2022-3049 · Unknown · Directory Management System

Name of the Vulnerable Software and Affected Versions: Directory Management System version 1.0.
Description: The issue is related to a SQL injection vulnerability in the search-dirctory.php component of the Directory Management System. This vulnerability allows a remote attacker to execute arbitra...

CVSS 10 · AI score 9.7 · EPSS 0.01875
Exploits 1 · References 9

CNNVD
added 2022/06/13 12:0 a.m. · 3 views

Navetti PricePoint SQL injection vulnerability

Navetti PricePoint is a unique pricing software solution from Navetti, designed to allow companies with international sales operations to develop locally based pricing structures that take unique local factors into account to achieve the best possible price for their product or service. A SQL...

CVSS 8.8 · AI score 8.1 · EPSS 0.00676
Exploits 0 · References 3

OSV
added 2022/06/07 6:15 p.m. · 2 views

CVE-2020-36531

A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remotely...

CVSS 8.8 · AI score 5.5 · EPSS 0.00769
Exploits 0 · References 2

OSV
added 2022/05/17 4:32 a.m. · 17 views

GHSA-3G6W-4M7X-97V6 Plone Cross-site scripting Vulnerability

Cross-site scripting (XSS) vulnerability in pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "u,translate."...

CVSS 6.1 · AI score 5.5 · EPSS 0.01187
Exploits 0 · References 7

OSV
added 2022/05/17 3:59 a.m. · 5 views

GHSA-J5V7-9XR5-M7GX TYPO3 Cross-site Scripting vulnerability

Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field...

CVSS 5.4 · AI score 5.3 · EPSS 0.00643
Exploits 0 · References 8

OSV
added 2022/05/17 3:53 a.m. · 0 views

GHSA-9H85-V6XF-H26Q Jenkins allows Cross-Site Scripting (XSS)

Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812...

CVSS 2.1 · AI score 6 · EPSS 0.01769
Exploits 0 · References 7

OSV
added 2022/05/17 3:29 a.m. · 4 views

GHSA-JXHP-RWQV-9FJJ concrete5 vulnerable to Cross-site Scripting

Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to private messages or other unspecified vectors...

CVSS 5.3 · AI score 5.8 · EPSS 0.0095
Exploits 0 · References 4

Positive Technologies
added 2022/05/17 12:0 a.m. · 3 views

PT-2022-16184 · Aruba · Aruba Clearpass Policy Manager

Name of the Vulnerable Software and Affected Versions: Aruba ClearPass Policy Manager versions 6.10.4 and below; Aruba ClearPass Policy Manager versions 6.9.9 and below; Aruba ClearPass Policy Manager versions 6.8.9-HF2 and below; Aruba ClearPass Policy Manager versions 6.7.x and below.
Description: ...

CVSS 9 · AI score 7 · EPSS 0.02084
Exploits 0 · References 3