240 matches found
Campcodes Beauty Salon Management System SQL Injection Vulnerability
Campcodes Beauty Salon Management System is a beauty salon management system from Campcodes, Inc. Beauty Salon Management System suffers from a SQL injection vulnerability that originates in the file /admin/search-appointment.php where manipulation of the searchdata parameter for some unknown...
CVE-2023-37744
Maid Hiring Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-booking-request.php...
Maid Hiring Management System Cross-Site Scripting Vulnerability
PHPGurukul Maid Hiring Management System is a maid hiring management system from PHPGurukul, USA. A security vulnerability exists in Maid Hiring Management System v1.0, which originates from the component /admin/search-booking-request.php containing a cross-site scripting (XSS) vulnerability...
CVE-2023-33591
User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-result.php...
PT-2023-24398 · Unknown · User Registration & Login/User Management System
Name of the Vulnerable Software and Affected Versions: User Registration & Login and User Management System version 1.0. Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability is present in the /admin/search-result.php component. XSS is a type of security...
SQL Injection in Admin Search Find API
Impact: SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any...
SQL injection
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually...
CVE-2023-30848 Pimcore SQL Injection Vulnerability in Admin Search Find API
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the admin search find API has a SQL injection vulnerability. Users should upgrade to version 10.5.21 to receive a patch or, as a workaround, apply the patch manually...
PT-2023-23003
Name of the Vulnerable Software and Affected Versions: Pimcore versions prior to 10.5.21. Description: The issue is related to a SQL injection vulnerability in the admin search find API. This vulnerability allows an attacker to interfere with the queries that the application makes to its database,...
CVE-2023-1309
A vulnerability classified as critical was found in SourceCodester Online Graduate Tracer System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/searchit.php. The manipulation of the argument input leads to sql injection. The attack can be launched remotely. The...
CVE-2022-36715
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/search.php...
SQL injection
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/search.php...
Library Management System SQL Injection Vulnerability
Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in the v1.0 version of Library Management System due to an SQL injection issue in the name parameter of the...
CVE-2022-2363
A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file /cispms/admin/search/searching/. The manipulation of the argument search with the input "alert"XSS" leads t...
WordPress Advanced Admin Search Plugin Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Advanced Admin Search plugin, which stems fr...
CVE-2022-0626
The Advanced Admin Search WordPress plugin before 1.1.6 does not sanitize and escape some parameters before outputting them back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0626
CVE-2022-0626 affects the WordPress plugin Advanced Admin Search prior to version 1.1.6. The issue is a Reflected Cross-Site Scripting caused by parameters not being sanitized/escaped before being output on an admin page (e.g., keyword, user, metaKey, metaValue). A fix is available in version 1.1...