CVE-2024-10747

A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unittesting/templates/domdatath.php. The manipulation of the argument scripts leads to cross site scripting. The...

CVE-2024-10197

A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /managesupplier.php of the component Manage Supplier Page. The manipulation of the argument address leads to cross site scripting. It is...

CVE-2024-9320

A vulnerability has been found in SourceCodester Online Timesheet App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /endpoint/add-timesheet.php of the component Add Timesheet Form. The manipulation of the argument day/task leads to cross site scripting. Th...

PT-2024-38541 · Fastcms · Fastcms

Name of the Vulnerable Software and Affected Versions: FastCMS versions up to 0.1.5 Description: A vulnerability was found in the New Article Category Page component of FastCMS, affecting an unknown function. This issue leads to cross-site scripting and can be exploited remotely. The exploit has...

CVE-2024-7660

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can ...

CVE-2024-7218

A flaw has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected is an unknown function of the file /admin/ajax.php?action=savestudent. Executing manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. The exploit ha...

PT-2024-37572 · Labvantage · Labvantage Lims

Name of the Vulnerable Software and Affected Versions: LabVantage LIMS version 2017 WPML affected versions not specified Description: A problematic issue affects the processing of the file "/labvantage/rc?command=page" of the component POST Request Handler. The manipulation of the argument param1...

CVE-2024-4737

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/vendor. The manipulation of the argument companyname/mobile leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2024-4727

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/court-type. The manipulation of the argument courtname leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2024-4721

A vulnerability classified as problematic has been found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /model/addstudentsubject.php. The manipulation of the argument index leads to cross site scripting. It is possible to initiate the attack...

CVE-2024-4684

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /view/examtimetablegradewise.php. The manipulation of the argument exam leads to cross site scripting. It is possible to initiate...

CVE-2024-4678

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /view/findfriends.php. The manipulation of the argument mytype leads to cross site scripting. The...

CVE-2024-4673

A vulnerability, which was classified as problematic, has been found in Campcodes Complete Web-Based School Management System 1.0. Affected by this issue is some unknown functionality of the file /view/showstudentgradesubject.php. The manipulation of the argument id leads to cross site scripting...

CVE-2024-4648

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /view/studentexammarkupdateform.php. The manipulation of the argument stdindex leads to cross site scripting...

PT-2024-7375 · Unknown · Форсайт. Аналитическая Платформа

Name of the Vulnerable Software and Affected Versions: Форсайт. Аналитическая платформа affected versions not specified Description: The issue is related to the lack of protection for the web page structure, which can be exploited by a remote attacker to conduct a cross-site scripting XSS attack...

CVE-2024-2391

A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may ...

CVE-2024-27684

A Cross-site scripting XSS vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750A1FWv101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

CVE-2024-1031

A vulnerability was found in CodeAstro Expense Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file templates/5-Add-Expenses.php of the component Add Expenses Page. The manipulation of the argument item leads to cross site scripting. The...

CVE-2024-1030

A vulnerability was found in Cogites eReserv 7.7.58. It has been classified as problematic. This affects an unknown part of the file /front/admin/tenancyDetail.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The associated...

Bosch Nexo cordless nutrunner security breach

Bosch Nexo Cordless nutrunner is a series of cordless tightening wrenches with integrated controls from Bosch Germany. A security vulnerability exists in Bosch Nexo cordless nutrunner. The vulnerability allows remote attackers to inject and execute arbitrary client-side scripting code within a...