36 matches found
CVE-2026-6184
A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...
CVE-2026-6184 code-projects Simple Content Management System welcome.php cross site scripting
A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...
CVE-2026-6184
The vulnerability CVE-2026-6184 affects code-projects Simple Content Management System 1.0. A weakness exists in an unknown part of /web/admin/welcome.php where manipulating the argument News Title can result in cross-site scripting. Exploitation can be performed remotely, and public exploits are...
CVE-2026-6184 code-projects Simple Content Management System welcome.php cross site scripting
A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...
CVE-2020-36913
All-Dynamics Software enlogic:show 2.0.2 is affected by a session-fixation vulnerability that allows an attacker to set a predefined PHP session identifier during login. By forging a crafted HTTP GET to welcome.php with a manipulated session token, an attacker can bypass authentication and potent...
Client Details System welcome.php File SQL Injection Vulnerability
Client Details System is a client information system. Client Details System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file clientdetails/welcome.php. An attacker can exploit this...
CVE-2025-12279
A vulnerability has been found in code-projects Client Details System 1.0. This vulnerability affects unknown code of the file /welcome.php. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...
CVE-2025-12279
A vulnerability has been found in code-projects Client Details System 1.0. This vulnerability affects unknown code of the file /welcome.php. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...
CVE-2025-12279
CVE-2025-12279 affects code-projects Client Details System 1.0, with a cross-site scripting flaw in /welcome.php due to insufficient input filtering/escaping. The vulnerability is remote-exploitable and has been publicly disclosed; CVSS indicators show MEDIUM impact with LOW confidentiality/integ...
EUVD-2025-36174
A vulnerability has been found in code-projects Client Details System 1.0. This vulnerability affects unknown code of the file /welcome.php. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...
PT-2025-43947
Name of the Vulnerable Software and Affected Versions code-projects Client Details System version 1.0 Description A flaw exists in code-projects Client Details System 1.0 that allows for cross site scripting. The issue affects unknown code within the /welcome.php file and can be exploited remotel...
Code-Projects Client Details System 代码注入漏洞
Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /welcome.php, which can be exploited by an attacker to execute arbitrary Web...
Code-Projects Client Details System SQL注入漏洞
Client Details System is a client information system. Client Details System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file clientdetails/welcome.php. An attacker can exploit this...
EUVD-2006-2343
Malware in sbrugna...
GHSA-6PFC-W86R-54Q6 Welcome and About GeoServer pages communicate version and revision information
Impact The welcome and about page includes version and revision information about the software in use including library and components used. This information is sensitive from a security point of view because it allows software used by the server to be easily identified. Proof of Concept 1. Welco...
PT-2024-26395 · Geoserver · Geoserver
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.26.0 Description: GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. In affected versions, the welcome and about page includes version and revision...
PT-2024-30010 · Unknown · Mini-Inventory-And-Sales-Management-System
Name of the Vulnerable Software and Affected Versions: Mini Inventory and Sales Management System version commit 18aa3d Description: A cross-site scripting XSS issue in the /email/welcome.php component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into t...
spring-boot: Spring Boot Welcome Page DoS Vulnerability
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed...
spring-boot: Spring Boot Welcome Page DoS Vulnerability
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed...
spring-boot: Spring Boot Welcome Page DoS Vulnerability
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed...