Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleterequest. id: CVE-2022-31976 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to...

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=. id: CVE-2022-31974 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL Injectio...

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteinquiry. id: CVE-2022-31978 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to...

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manageuser&id=. id: CVE-2022-31975 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...

CVE-2026-34406

APTRS Automated Penetration Testing Reporting System is a Python and Django-based automated reporting tool designed for penetration testers and security organizations. Prior to version 2.0.1, the edituser endpoint POST /api/auth/edituser/ allows Any user who can reach that endpoint and submit...

Exploit for CVE-2023-12345

Shadow-Scan - Advanced Security Audit Framework 🔥 Overview...

CVE-2022-37253

Persistent cross-site scripting XSS in Crime Reporting System 1.0 allows a remote attacker to introduce arbitary Javascript via manipulation of an unsanitized POST parameter...

CVE-2022-31980

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manageteam=...

CVE-2022-31973

Online Fire Reporting System v1.0 is vulnerable to Delete any file via /ofrs/classes/Master.php?f=deleteimg...

CVE-2022-31982

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/viewrequest=...

CVE-2022-31906

Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting XSS via /ofrs/classes/Master.php...

CVE-2022-31977

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteteam...

CVE-2022-31983

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/managerequest=...

CVE-2022-31974

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports=...

CVE-2022-31879

Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter...

CVE-2022-31978

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteinquiry...

CVE-2022-31981

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/viewteam=...

CVE-2025-40696

Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'fullname', 'location' and 'message' parameters via POST at the endpoint '/ofrs/reporting.php'. This vulnerability could...

CVE-2025-40691

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'todate' parameter in the endpoint '/ofrs/admin/bwdates-report-result.php'...

Microsoft Nuance PowerScribe 360 Information Disclosure Vulnerability

Microsoft Nuance PowerScribe 360 is a medical image reporting system for speech recognition, report generation and workflow management in radiology. An information disclosure vulnerability exists in Microsoft Nuance PowerScribe 360, which is due to improper authorization validation. An attacker...