59 matches found
CVE-2024-51223
A stored cross-site scripting XSS vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Mobile Number parameter...
CVE-2024-51223
A stored cross-site scripting XSS vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Mobile Number parameter...
CVE-2024-51222
A stored cross-site scripting XSS vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...
CVE-2022-38305
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2024-44635
PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting XSS via adminname and aemailid parameters in /admin-profile.php...
CVE-2025-13185 Bdtask/CodeCanyon News365 profile unrestricted upload
A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...
CVE-2024-44635
PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting XSS via adminname and aemailid parameters in /admin-profile.php...
EUVD-2024-55077
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the adminname and aemailid parameters in /admin-profile.php...
EUVD-2024-55084
PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting XSS via adminname and aemailid parameters in /admin-profile.php...
CVE-2025-60318
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS in /admin/profile.php via the fname First Name and lname Last Name fields...
EUVD-2020-21610
Malware in sbrugna...
EUVD-2023-41561
Malicious code in bioql PyPI...
EUVD-2025-6598
Malicious code in bioql PyPI...
EUVD-2025-20320
Malicious code in bioql PyPI...
EUVD-2025-28711
Malicious code in bioql PyPI...
CVE-2025-10083
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/profile.php. Executing manipulation can lead to unrestricted upload. The attack may be performed from remote. The exploit has been publicl...
CVE-2025-10083
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/profile.php. Executing manipulation can lead to unrestricted upload. The attack may be performed from remote. The exploit has been publicl...
CVE-2025-7144
A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /panel/admin-profile.php of the component Admin Profile Page. The manipulation of the argument Admin Name leads to cross site...
CVE-2025-7144 SourceCodester Best Salon Management System Admin Profile Page admin-profile.php cross site scripting
A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /panel/admin-profile.php of the component Admin Profile Page. The manipulation of the argument Admin Name leads to cross site...
CVE-2025-7144
CVE-2025-7144 affects SourceCodester Best Salon Management System 1.0. The vulnerability is a cross-site scripting in the file /panel/admin-profile.php , caused by manipulation of the Admin Name parameter. Exploitation can be performed remotely , and multiple sources note that the exploit has bee...