59 matches found
Sql injection
A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...
CVE-2023-1058 SourceCodester Doctors Appointment System create-account.php sql injection
A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...
Information Disclosure
shopware/shopware is vulnerable to information disclosure. The vulnerability exists in Account.php because multiple tokens requests are allowed and the generated tokens are not properly validated during a password reset which allows an attacker to gain access to user's email account and token...
CVE-2021-46307
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php...
Sql injection
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php...
SourceCodester Online Examination System SQL注入漏洞
SourceCodester Projectworlds Online Examination System is an online examination system from SourceCodester, Inc. v1.0 contains a SQL injection vulnerability that stems from the failure of the eid parameter in the product's account.php page to properly filter special characters in user input data...
Online Examination System Project 1.0 SQL Injection Vulnerability
Title: Online Examination System Project 1.0 SQL - Injections Author: nu11secur1ty Vendor: https://projectworlds.in/free-projects/php-projects/ Software: https://projectworlds.in/free-projects/php-projects/online-examination/ Description: The eid parameter in account.php from Online Examination...
CVE-2020-26006
Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting XSS via account.php...
Cross site scripting
Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting XSS via account.php...
CVE-2020-26006
Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting XSS via account.php...
CVE-2020-26006
Project Worlds Online Examination System 1.0 is vulnerable to Cross-Site Scripting (XSS) via account.php. Multiple sources (NVD CVE-2020-26006; CNVD/CNNVD entries) confirm an XSS vulnerability in this version, enabling injection of malicious JavaScript to execute in a user’s browser and potential...
Online Examination System 1.0 - (eid) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Examination System 1.0 - 'eid' SQL Injection Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14210/online-examination-system-project-using-phpmysql.html Software Link:...
Online Examination System 1.0 SQL Injection
Exploit Title: Online Examination System 1.0 - 'eid' SQL Injection Google Dork: N/A Date: 2020-05-16 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14210/online-examination-system-project-using-phpmysql.html Software Link:...
CVE-2019-9062
The CVE-2019-9062 entry concerns PHP Scripts Mall Online Food Ordering Script version 1.0, where a Cross-Site Request Forgery (CSRF) exists in my-account.php. The available connected documents corroborate a CSRF vulnerability in that file, enabling unauthorized state-changing requests. PT-2019-19...
CVE-2019-9062
PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery CSRF in my-account.php...
CVE-2018-19136
DomainMOD 4.11.01 is vulnerable to reflected cross-site scripting through assets/edit/registrar-account.php?raid=… due to insufficient input sanitization of the raid parameter. This can allow an attacker to execute arbitrary JavaScript in a victim’s browser, potentially enabling session hijacking...
CVE-2018-11404
DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter...
womenswords.com XSS vulnerability
Open Bug Bounty ID: OBB-551366 Description| Value ---|--- Affected Website:| womenswords.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
gastrojfh.com.au XSS vulnerability
Open Bug Bounty ID: OBB-550421 Description| Value ---|--- Affected Website:| gastrojfh.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
domesticviolence.com.au XSS vulnerability
Open Bug Bounty ID: OBB-550414 Description| Value ---|--- Affected Website:| domesticviolence.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...