Car Rental Script 跨站脚本漏洞

Car Rental Script is an open source vehicle rental script from GZ Script. GZ Script Car Rental Script version 1.8 cross-site scripting vulnerability , the vulnerability stems from the parameter firstname/secondname/phone/address1/country cross-site scripting XSS vulnerability...

GZScripts PHP GZ Hotel Booking Script 跨站脚本漏洞

GZScripts is a script from GZScripts Inc. A cross-site scripting vulnerability exists in GZScripts PHP GZ Hotel Booking Script version 1.8, which stems from cross-site scripting due to incorrect manipulation of the parameters firstname, secondname, phone, address1, and country...

GZ Scripts Event Booking Calendar 跨站脚本漏洞

GZ Scripts Event Booking Calendar is an event booking calendar application from GZ Scripts. A cross-site scripting vulnerability exists in GZ Scripts Event Booking Calendar version 1.8, which stems from cross-site scripting due to incorrect manipulation of the parameters firstname, secondname,...

Time Slot Booking Calendar PHP 跨站脚本漏洞

Time Slot Booking Calendar PHP is a GZ Scripts open source time booking calendar system . GZ Scripts Time Slot Booking Calendar PHP version 1.8 cross-site scripting vulnerability , the vulnerability stems from the file /load.php parameters firstname/secondname/phone/address1/country will lead to...

can override a marketplace

Lines of code Vulnerability details Impact There is no check if there is a market place in the m address and we can override all of the exist market places. Proof of Concept function setMarketPlaceaddress m external authorizedadmin returns bool if marketPlace != address0 revert ExistsmarketPlace;...

ntp: drop packets with source address ::1

It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses...