CVE-2023-3990

Mingsoft MCMS

CVE-2023-3969 GZ Scripts Availability Booking Calendar PHP HTTP POST Request index.php cross site scripting

A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promocode leads to cros...

CVE-2023-3850

A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deletecategory of the component HTTP POST Request Handler. The manipulation of the argume...

PT-2023-26480 · Sourcecodester · Sourcecodester Lost/Found Information System

Name of the Vulnerable Software and Affected Versions: SourceCodester Lost and Found Information System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /classes/Master.php?f=delete category of the component HTTP POST Request...

CVE-2023-3827

A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /listplace/user/ticket/create of the component HTTP POST Request Handler. The manipulation of the argument message leads...

Cross site scripting

A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /listplace/user/ticket/create of the component HTTP POST Request Handler. The manipulation of the argument message leads...

CVE-2023-3827

CVE-2023-3827 affects Bug Finder Listplace Directory Listing Platform 3.0. The vulnerability is in the HTTP POST Request Handler, specifically the /listplace/user/ticket/create endpoint, where manipulating the message argument leads to cross-site scripting. The attack is described as potentially ...

CVE-2023-3793

A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...

CVE-2023-3793 Weaver e-cology HTTP POST Request filelFileDownloadForOutDoc.class sql injection

A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...

CVE-2023-3793

CVE-2023-3793 affects Weaver e-cology. The vulnerability resides in the HTTP POST Request Handler, specifically the filelFileDownloadForOutDoc.class, where the fileid parameter can be manipulated (example: 1+WAITFOR+DELAY) to yield SQL injection. Affected versions are prior to 10.58.0. Upgrading ...

CVE-2023-3783

A vulnerability was found in Webile 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP POST Request Handler. The manipulation of the argument newfilename/c leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

Webile 跨站脚本漏洞

webileapps Webile is an application from webileapps, Inc. A cross-site scripting vulnerability exists in Webile version 1.0.1, which stems from the parameter newfilename/c of the component HTTP POST Request Handler can lead to cross-site scripting...

PT-2023-26133 · Webile · Webile

Name of the Vulnerable Software and Affected Versions: Webile version 1.0.1 Description: A vulnerability was found in the HTTP POST Request Handler component. The manipulation of the new file name/c argument leads to cross-site scripting. It is possible to launch the attack remotely. The exploit...

CVE-2023-3680

A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=saveitem of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...

CVE-2023-3679

A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=saveinquiry of the component HTTP POST Request Handler. The manipulation of the argument id lead...

CVE-2023-3680

A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=saveitem of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...

CVE-2023-3678 SourceCodester AC Repair and Services System HTTP POST Request sql injection

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deleteinquiry of the component HTTP POST Request Handler. The manipulation of the argument ...

CVE-2023-3658

A vulnerability, which was classified as critical, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file Master.php?f=deletebook of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...

CVE-2023-3658

CVE-2023-3658 affects SourceCodester AC Repair and Services System 1.0, specifically the HTTP POST Request Handler in Master.php?f=delete_book. The vulnerability arises from unsafely manipulating the id parameter, leading to SQL injection that can be exploited remotely. Reports indicate a critica...

CVE-2023-3657

A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0. This issue affects some unknown processing of the file Master.php?f=savebook of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injectio...