76 matches found
PayPal,Credit Card and Debit Card Payment SQL注入漏洞
PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe individual developer. A SQL injection vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can use this vulnerability to send a specially crafted quer...
PT-2024-35790 · Unknown · Phpgurukul Zoo Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Zoo Management System version 2.1 Description: A critical issue affects the processing of the file /admin/normal-bwdates-reports-details.php, where the manipulation of the fromdate argument leads to SQL injection. The attack can be...
Online Marriage Registration System 跨站脚本漏洞
Online Marriage Registration System is a website builder that supports online marriage registration. A cross-site scripting vulnerability exists in Online Marriage Registration System version 1.0, which originates from a cross-site scripting XSS vulnerability in the parameter fromdate in file...
PT-2024-22386 · Unknown · Open Source Medicine Ordering System
Name of the Vulnerable Software and Affected Versions: Open Source Medicine Ordering System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the date parameter at the "/admin/reports/index.php" API endpoint. Recommendations: F...
CVE-2024-28303
Open Source Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the date parameter at /admin/reports/index.php...
Online Medicine Ordering System SQL Injection Vulnerability
Online Medicine Ordering System is an online medicine ordering system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in Online Medicine Ordering System v1.0, which is caused by a SQL injection vulnerability in the date parameter of /admin/reports/index.php...
PT-2023-4935 · Cacti +1 · Cacti +1
Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.25 Description: Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability that allows an authenticated user to...
CVE-2023-29985
Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.phpdatefrom has a SQL Injection vulnerability...
CVE-2023-29985
Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.phpdatefrom has a SQL Injection vulnerability...
CVE-2023-26774
An issue found in Sales Tracker Management System v.1.0 allows a remote attacker to access sensitive information via sales.php component of the admin/reports endpoint...
Sales Tracker Management System 安全漏洞
Sales Tracker Management System is a sales tracking management system by Carlo Montero Personal Developer. A security vulnerability exists in Sales Tracker Management System version v.1.0. An attacker can exploit this vulnerability to access sensitive information via the sales.php component of th...
PT-2023-20789 · Unknown · Sales Tracker Management System
Name of the Vulnerable Software and Affected Versions: Sales Tracker Management System version 1.0 Description: An issue in the Sales Tracker Management System allows a remote attacker to access sensitive information via the "admin/reports" endpoint, specifically through the sales.php component...
CVE-2023-1568
A vulnerability classified as problematic has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file /admin/reports/index.php of the component GET Parameter Handler. The manipulation of the argument dateto leads to cross site...
Student Study Center Desk Management System 跨站脚本漏洞
Student Study Center Desk Management System is a student study center desk management system. A cross-site scripting vulnerability exists in SourceCodester Student Study Center Desk Management System version 1.0, which stems from a problem in the file /admin/reports/index.php, where manipulation ...
Student Study Center Desk Management System SQL注入漏洞
Student Study Center Desk Management System is a student study center desk management system. A SQL injection vulnerability exists in SourceCodester Student Study Center Desk Management System version 1.0, which originates from a security issue in the admin/?page=reports&datefrom=2023-02-17& of t...
Formula injection via Full Name
🔒️ Requirements Privilege: user. 📝 Description It is possible for a user to change his name by whatever he wants from /profile/settings. In addition, an administrator can get reports about users from Reports Agents. So, a user could change his full name by a formula and abuse formula injection...
CVE-2022-36688
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=...
CVE-2022-36689
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/waste&month=...
CVE-2022-36686
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=...
CVE-2022-36686
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=...