
1035 matches found

CNNVD
added 2023/03/09 12:0 a.m. · 4 views

Online Pizza Ordering System Cross-Site Scripting Vulnerability

Online Pizza Ordering System is an online pizza ordering system by Carlo Montero, an individual developer. A security vulnerability exists in Online Pizza Ordering System version 1.0, which originates from a cross-site scripting (XSS) vulnerability in /php-opos/signup.php, which can be exploited by an...

6.1 CVSS · 6.3 AI score · 0.00476 EPSS
Exploits: 1 · References: 3

Positive Technologies
added 2023/03/09 12:0 a.m. · 4 views

PT-2023-21010 · Unknown · Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: Online Pizza Ordering System version 1.0 Description: A cross-site scripting (XSS) issue in the /php-opos/signup.php endpoint of the Online Pizza Ordering System allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1 CVSS · 6 AI score · 0.00476 EPSS
Exploits: 1 · References: 6

BDU FSTEC
added 2023/03/06 12:0 a.m. · 6 views

The vulnerability of the signup.php script in the Dental Clinic Appointment Reservation System allows attackers to perform cross-site scripting attacks.

The vulnerability in the signup.php script of the Dental Clinic Appointment Reservation System relates to insufficient protection of the website’s structure when processing the firstname parameter. Exploiting this vulnerability allows an attacker to perform cross-site scripting attacks remotely...

5 CVSS · 5.2 AI score · 0.00784 EPSS
Exploits: 1 · References: 3 · Affected Software: 1

OSV
added 2023/02/26 12:15 p.m. · 2 views

CVE-2023-1036

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /APR/signup.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross...

6.1 CVSS · 3.9 AI score · 0.00784 EPSS
Exploits: 1 · References: 3

Positive Technologies
added 2023/02/26 12:0 a.m. · 3 views

PT-2023-1563 · Sourcecodester · Dental Clinic Appointment Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Dental Clinic Appointment Reservation System version 1.0 Description: A vulnerability was found in the Dental Clinic Appointment Reservation System, affecting the file /APR/signup.php, specifically the POST Parameter Handler...

6.1 CVSS · 4.6 AI score · 0.00784 EPSS
Exploits: 1 · References: 5

Tenable Nessus
added 2023/02/08 12:0 a.m. · 11 views

Signup Form Detected

This is an informational notice that the scanner identified a potential signup form. No source data...

7.3 AI score
Exploits: 0

OSV
added 2023/02/06 3:15 p.m. · 2 views

CVE-2023-24191

Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php...

6.1 CVSS · 6.3 AI score · 0.00486 EPSS
Exploits: 1 · References: 2

NVD
added 2023/02/06 3:15 p.m. · 12 views

CVE-2023-24191

Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php...

6.1 CVSS · 6 AI score · 0.00486 EPSS
Exploits: 1 · References: 2

CNNVD
added 2023/02/06 12:0 a.m. · 3 views

Online Food Ordering System Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Online Food Ordering System, an online food ordering system. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the redirect parameter of the signup.php page, which can be exploited by attackers to caus...

6.1 CVSS · 6.2 AI score · 0.00486 EPSS
Exploits: 1 · References: 3

Positive Technologies
added 2023/02/06 12:0 a.m. · 3 views

PT-2023-19467 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version v2 Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability is present in the redirect parameter in the signup.php file. Recommendations: For Online Food Ordering...

6.1 CVSS · 5.8 AI score · 0.00486 EPSS
Exploits: 1 · References: 5

The Hacker News
added 2023/02/03 7:55 a.m. · 3 views

Atlassian's Jira Service Management Found Vulnerable to Critical Vulnerability

Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data Center that could be abused by an attacker to pass off as another user and gain unauthorized access to susceptible instances. The vulnerability is tracked as CVE-2023-22501 CVSS score: 9.4...

9.8 CVSS · 9.8 AI score · 0.98035 EPSS
Exploits: 3

NCSC
added 2023/02/02 12:0 a.m. · 5 views

Vulnerability fixed in Atlassian Jira

Atlassian has fixed a vulnerability in Jira Service Management Server and Data Center. The vulnerability allows a malicious party to obtain a user's signup token and thereby bypass authentication. To obtain a signup token, a malicious party must gain...

9.4 CVSS · 6.9 AI score · 0.15978 EPSS
Exploits: 0

OSV
added 2023/02/01 7:15 p.m. · 5 views

CVE-2023-22501

An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances. With write access to a User Directory and outgoing email enabled...

9.1 CVSS · 7.5 AI score · 0.15978 EPSS
Exploits: 0 · References: 1

NVD
added 2023/02/01 7:15 p.m. · 37 views

CVE-2023-22501

An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances. With write access to a User Directory and outgoing email enabled...

9.4 CVSS · 9.5 AI score · 0.15978 EPSS
Exploits: 0 · References: 1

Prion
added 2023/02/01 7:15 p.m. · 34 views

Authentication flaw

An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances. With write access to a User Directory and outgoing email enabled...

7.5 CVSS · 9.4 AI score · 0.15978 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

CVE
added 2023/02/01 6:0 p.m. · 145 views

CVE-2023-22501

CVE-2023-22501 affects Jira Service Management Server and Data Center. It is an authentication vulnerability allowing impersonation to access signup tokens for users with never-logged-in accounts, if an attacker has write access to a User Directory and outgoing email enabled, and can access token...

9.4 CVSS · 9.6 AI score · 0.15978 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2023/02/01 6:0 p.m. · 57 views

CVE-2023-22501

An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate another user and gain access to a Jira Service Management instance under certain circumstances. With write access to a User Directory and outgoing email enabled...

9.4 CVSS · 9.6 AI score · 0.15978 EPSS
Exploits: 0 · References: 1

NVD
added 2023/01/15 12:15 p.m. · 12 views

CVE-2023-0304

A vulnerability classified as critical has been found in SourceCodester Online Food Ordering System. This affects an unknown part of the file admin_class.php of the component Signup Module. The manipulation of the argument email leads to SQL injection. It is possible to initiate the attack remotel...

7.5 CVSS · 6.9 AI score · 0.00597 EPSS
Exploits: 1 · References: 3

Prion
added 2023/01/15 12:15 p.m. · 18 views

SQL injection

A vulnerability classified as critical has been found in SourceCodester Online Food Ordering System. This affects an unknown part of the file admin_class.php of the component Signup Module. The manipulation of the argument email leads to SQL injection. It is possible to initiate the attack remotel...

6.5 CVSS · 7.9 AI score · 0.00597 EPSS
Exploits: 1 · References: 3

Cvelist
added 2023/01/15 11:58 a.m. · 14 views

CVE-2023-0304 SourceCodester Online Food Ordering System Signup Module admin_class.php sql injection

A vulnerability classified as critical has been found in SourceCodester Online Food Ordering System. This affects an unknown part of the file admin_class.php of the component Signup Module. The manipulation of the argument email leads to SQL injection. It is possible to initiate the attack remotel...

6.5 CVSS · 8.1 AI score · 0.00597 EPSS
Exploits: 1 · References: 3