7 matches found
CVE-2026-34111
Guardian language-system passes the id GET parameter directly into a PHP exec call in speechmactext.php line 18 without sanitization: exec"php jobs/speechaudiomactext.php ".$loginsession." ".$GET'id'." ...". No authentication is required. An unauthenticated remote attacker can append shell...
CVE-2026-34097
Guardian language-system fails to sanitize the id GET parameter before inserting it into multiple HTML form action attributes in textfile.php lines 94, 101, 323, 403, 826, 852. An authenticated attacker can craft a URL that injects script tags executing in the victim's browser session...
EUVD-2026-32097
The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the eventpresscustomizernotifydismissaction AJAX handler before outputting it back in the response, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting attacks against logged-in...
PT-2026-42249
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single unit.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id GET parameter directly into an HTML attribute. Attackers can craft a malicio...
CVE-2022-0189
The WP RSS Aggregator WordPress plugin before 4.20 does not sanitise and escape the id parameter in the wprssfetchitemsrowaction AJAX action before outputting it back in the response, leading to a Reflected Cross-Site Scripting...
Campcodes Online Traffic Offense Management System 跨站脚本漏洞
Campcodes Online Traffic Offense Management System is a web-based traffic offense management system. A cross-site scripting vulnerability exists in Campcodes Online Traffic Offense Management System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the...
Sql injection
The Edit Role functionality in the Display Users WordPress plugin through 2.0.0 had an id parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection...