CVE-2023-6574

CVE-2023-6574 affects Byzoro Smart S20 (up to 20231120) and Beijing Baichuo Smart S20. The flaw is in the HTTP POST Request Handler, specifically the 1_file_upload argument in /sysmanage/updateos.php, whose manipulation leads to unrestricted file upload. The vulnerability allows remote exploitati...

CVE-2023-6075

A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file index.php of the component Reservation Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack...

CVE-2023-6075 PHPGurukul Restaurant Table Booking System Reservation Request index.php cross site scripting

A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file index.php of the component Reservation Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack...

PHPGurukul Restaurant Table Booking System Security Vulnerability

PHPGurukul Restaurant Table Booking System is a restaurant table reservation system. A security vulnerability exists in PHPGurukul Restaurant Table Booking System version 1.0, which originates from a cross-site scripting XSS vulnerability in the file index.php of the component Reservation Request...

PT-2023-32500 · Unknown · Phpgurukul Restaurant Table Booking System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Restaurant Table Booking System version 1.0 Description: A problematic vulnerability has been found in the PHPGurukul Restaurant Table Booking System, affecting an unknown function of the file index.php of the component Reservation...

CVE-2007-10003

The CVE-2007-10003 entry concerns The Hackers Diet Plugin for WordPress (up to version 0.9.6b). The vulnerability affects the ajax_blurb.php component of the HTTP POST Request Handler, where manipulation of the user parameter leads to SQL injection. Exploitation is remote possible. Remediation is...

CVE-2023-46520

TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin was discovered to contain a stack overflow via the function uninstallPluginReqHandle...

Cross site scripting

A vulnerability was found in Portábilis i-Educar up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file \intranet\agendaimprimir.php of the component HTTP GET Request Handler. The manipulation of the argument codagenda with the inp...

CVE-2023-5495

A vulnerability was found in QDocs Smart School 6.4.1. It has been classified as critical. This affects an unknown part of the file /course/filterRecords/ of the component HTTP POST Request Handler. The manipulation of the argument searchdata0title/searchdata0searchfield/searchdata0searchvalue...

Sql injection

A vulnerability was found in QDocs Smart School 6.4.1. It has been classified as critical. This affects an unknown part of the file /course/filterRecords/ of the component HTTP POST Request Handler. The manipulation of the argument searchdata0title/searchdata0searchfield/searchdata0searchvalue...

CVE-2023-5495

CVE-2023-5495 affects QDocs Smart School 6.4.1. The vulnerability is a SQL injection in the HTTP POST Request Handler, triggered by manipulating the POST parameters searchdata[0][title], searchdata[0][searchfield], and searchdata[0][searchvalue] sent to /course/filterRecords/. Root cause: input d...

CVE-2023-4559

A vulnerability, which was classified as critical, has been found in Bettershop LaikeTui. Affected by this issue is some unknown functionality of the file index.php?module=api&action=user&m=upload of the component POST Request Handler. The manipulation leads to unrestricted upload. The attack may...

Out-of-bounds

A vulnerability, which was classified as critical, has been found in Bettershop LaikeTui. Affected by this issue is some unknown functionality of the file index.php?module=api&action=user&m=upload of the component POST Request Handler. The manipulation leads to unrestricted upload. The attack may...

PT-2023-29580 · Unknown · Bettershop Laiketui

Name of the Vulnerable Software and Affected Versions: Bettershop LaikeTui affected versions not specified Description: A critical issue has been found in Bettershop LaikeTui, affecting some unknown functionality of the file "index.php?module=api&action=user&m=upload" of the component POST Reques...

Weaviate 安全漏洞

Weaviate is an open source vector database from Weaviate Open Source. A security vulnerability exists in Weaviate version v.1.20.0, which stems from a vulnerability that allows attackers to cause a denial of service DoS via the handleUnbatchedGraphQLRequest function...

CVE-2023-4407

A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/accountstatement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The...

Sql injection

A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/accountstatement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The...

PT-2023-29086 · Unknown · Codecanyon Credit Lite

Name of the Vulnerable Software and Affected Versions: Codecanyon Credit Lite version 1.5.4 Description: A critical vulnerability was found in the component POST Request Handler, specifically in the file /portal/reports/account statement. The manipulation of the date1 and date2 arguments leads to...

Cross-site Scripting in Mingsoft MCMS

A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...

Cross site scripting

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...