CVE-2023-41525

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patientcontact parameter in patientsearch.php...

CVE-2023-41530

Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the appcontact parameter in appsearch.php...

The vulnerability of the search.php script in the Real Estate Property Management System allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the search.php script in the Real Estate Property Management System is related to the lack of measures taken to protect the web page structure when processing the PropertyName parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

CVE-2025-0197

A vulnerability classified as critical was found in code-projects Point of Sales and Inventory Management System 1.0. This vulnerability affects unknown code of the file /user/search.php. The manipulation of the argument name leads to sql injection. The attack can be initiated remotely. The explo...

Online Marriage Registration System 跨站脚本漏洞

Online Marriage Registration System is a website builder that supports online marriage registration. A cross-site scripting vulnerability exists in Online Marriage Registration System version 1.0, which stems from a cross-site scripting XSS vulnerability in the searchdata parameter of file...

PT-2023-29357 · Unknown · Online Bus Booking System

Name of the Vulnerable Software and Affected Versions: Online Bus Booking System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the source parameter of the "search.php" resource does not validate the characters received and they a...

CVE-2023-3945

A vulnerability was found in phpscriptpoint Lawyer 1.6. It has been classified as problematic. This affects an unknown part of the file search.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235401 was assigned to this...

Lawyer 跨站脚本漏洞

Lawyer is a legal and lawyer website by the phpscriptpoint team. A cross-site scripting vulnerability exists in phpscriptpoint Lawyer version 1.6, which stems from the presence of some unknown functions in search.php that lead to cross-site scripting...

Carlisting SQL注入漏洞

Carlisting is a responsive car listings directory content management system CMS by the phpscriptpoint team. A SQL injection vulnerability exists in Carlisting version 1.6, which stems from unknown processing of the file search.php in the component GET Parameter Handler, via the parameters...

Trac Open Redirect vulnerability

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function...

GHSA-RCMJ-XP8F-F6Q4 Trac Open Redirect vulnerability

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function...

The vulnerability of the Fantastic Blog CMS content management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Fantastic Blog CMS content management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using the search.php script...

CVE-2020-10584

A directory traversal on the /admin/searchby.php script of Invigo Automatic Device Management ADM through 5.0 allows remote attackers to read arbitrary server files accessible to the user running the application...

CVE-2020-35151

The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection...

Input validation

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Search.inc.php script. A remote attacker could exploit this vulnerability using the advanced parameter in a crafted URL...

CVE-2020-15717

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Search.inc.php script. A remote attacker could exploit this vulnerability using the advanced parameter in a crafted URL...

PHP Scripts Mall Lawyer Search Script Cross Site Scripting Vulnerability

PHP Scripts Mall Lawyer Search Script is a set of PHP based law firm management scripts by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Lawyer Search Script version 1.0.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or...

CVE-2018-6861

Cross Site Scripting XSS exists in PHP Scripts Mall Lawyer Search Script 1.0.2 via a profile update parameter...

CVE-2018-6861

Cross Site Scripting XSS exists in PHP Scripts Mall Lawyer Search Script 1.0.2 via a profile update parameter...

Cross site scripting

Cross Site Scripting XSS exists in PHP Scripts Mall Lawyer Search Script 1.0.2 via a profile update parameter...