37 matches found
Online-School SQL注入漏洞
Online-School is an online platform for schools by the individual developer Abdullah Hasan Sajjad Rafi. Online-School suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter Email in the file /studentLogin.php, which could lead to a SQL injection attack...
PT-2025-43946
Name of the Vulnerable Software and Affected Versions Abdullah-Hasan-Sajjad Online-School versions prior to f09dda77b4c29aa083ff57f4b1eb991b98b68883 Description A flaw exists in Abdullah-Hasan-Sajjad Online-School. The issue is related to the manipulation of the Email argument in the...
EUVD-2024-45411
Malicious code in bioql PyPI...
CVE-2024-50548
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Abdullah Nahian Awesome Progress Bar awesome-progess-bar allows DOM-Based XSS.This issue affects Awesome Progress Bar: from n/a through = 1.0.13...
CVE-2024-49643
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fifthsegment Whitelist fifthsegment-whitelist allows Reflected XSS.This issue affects Whitelist: from n/a through = 3.5...
CVE-2024-50548
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Abdullah Nahian Awesome Progress Bar awesome-progess-bar allows DOM-Based XSS.This issue affects Awesome Progress Bar: from n/a through = 1.0.13...
CVE-2024-50548
The CVE CVE-2024-50548 concerns the WordPress plugin Awesome Progress Bar with a Cross-Site Scripting (XSS) flaw in DOM-based handling due to improper input neutralization during page generation. Affected versions are up to 1.0.1. Connected sources corroborate the vulnerability as an XSS issue (P...
CVE-2024-50548 WordPress Awesome Progress Bar plugin <= 1.0.13 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Abdullah Nahian Awesome Progress Bar awesome-progess-bar allows DOM-Based XSS.This issue affects Awesome Progress Bar: from n/a through = 1.0.13...
CVE-2024-51575
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Md. Abdullah Al Masum Extender All In One For Elementor extender-all-in-one-for-elementor allows Stored XSS.This issue affects Extender All In One For Elementor: from n/a through = 1.0.3...
CVE-2024-51575 WordPress Extender All In One For Elementor plugin <= 1.0.3 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Md. Abdullah Al Masum Extender All In One For Elementor extender-all-in-one-for-elementor allows Stored XSS.This issue affects Extender All In One For Elementor: from n/a through = 1.0.3...
CVE-2024-51575
CVE-2024-51575 refers to a Stored XSS in WordPress plugin Extender All In One For Elementor (versions
CVE-2024-49643
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Abdullah Irfan Whitelist allows Reflected XSS.This issue affects Whitelist: from n/a through 3.5...
CVE-2024-49643
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fifthsegment Whitelist fifthsegment-whitelist allows Reflected XSS.This issue affects Whitelist: from n/a through = 3.5...
CVE-2024-49643 WordPress Whitelist plugin <= 3.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Abdullah Irfan Whitelist allows Reflected XSS.This issue affects Whitelist: from n/a through 3.5...
CVE-2024-49656
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fifthsegment DocumentPress documentpress-display-any-document-on-your-site allows Reflected XSS.This issue affects DocumentPress: from n/a through = 2.1...
CVE-2024-49656 WordPress DocumentPress plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fifthsegment DocumentPress documentpress-display-any-document-on-your-site allows Reflected XSS.This issue affects DocumentPress: from n/a through = 2.1...
CVE-2024-49656
CVE-2024-49656 : Reflected XSS in WordPress DocumentPress plugin (
Doctor's Appointment System 1.0 SQL Injection
Exploit Title: SQLi - Doctor's Appointment System v1.0 Google Dork: N/A Date: 7/13/2022 Exploit Author: Abdullah Zaid - @aznull Vendor Homepage: https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html Software Link:...
Online Reviewer System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Online Reviewer System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...
GHSA-XHFX-HGMF-V6VP October CMS vulnerable to Potential Host Header Poisoning on misconfigured servers
Impact When running on servers that are configured to accept a wildcard as a hostname i.e. the server routes any request, regardless of the HOST header to an October CMS instance the potential exists for Host Header Poisoning attacks to succeed. See the following resources for more information on...