Car Rental Script 跨站脚本漏洞

Car Rental Script is an open source vehicle rental script from GZ Script. GZ Script Car Rental Script version 1.8 cross-site scripting vulnerability , the vulnerability stems from the parameter firstname/secondname/phone/address1/country cross-site scripting XSS vulnerability...

GZ Scripts Event Booking Calendar 跨站脚本漏洞

GZ Scripts Event Booking Calendar is an event booking calendar application from GZ Scripts. A cross-site scripting vulnerability exists in GZ Scripts Event Booking Calendar version 1.8, which stems from cross-site scripting due to incorrect manipulation of the parameters firstname, secondname,...

GZScripts PHP GZ Hotel Booking Script 跨站脚本漏洞

GZScripts is a script from GZScripts Inc. A cross-site scripting vulnerability exists in GZScripts PHP GZ Hotel Booking Script version 1.8, which stems from cross-site scripting due to incorrect manipulation of the parameters firstname, secondname, phone, address1, and country...

Time Slot Booking Calendar PHP 跨站脚本漏洞

Time Slot Booking Calendar PHP is a GZ Scripts open source time booking calendar system . GZ Scripts Time Slot Booking Calendar PHP version 1.8 cross-site scripting vulnerability , the vulnerability stems from the file /load.php parameters firstname/secondname/phone/address1/country will lead to...

can override a marketplace

Lines of code Vulnerability details Impact There is no check if there is a market place in the m address and we can override all of the exist market places. Proof of Concept function setMarketPlaceaddress m external authorizedadmin returns bool if marketPlace != address0 revert ExistsmarketPlace;...

ntp: drop packets with source address ::1

It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses...