122 matches found
PT-2024-21511 · Unknown · Campcodes Online Job Finder System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A critical issue was found in the system, affecting some unknown functionality of the file /admin/applicants/controller.php. The manipulation of the JOBREGID argument leads to SQL...
Campcodes Online Job Finder System SQL Injection Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a SQL injection vulnerability in the CATEGORYID parameter of the /admin/category/controller.p...
Campcodes Online Job Finder System Security Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a cross-site scripting vulnerability in the EMPLOYEEID parameter of the...
Campcodes Online Job Finder System SQL Injection Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from an SQL injection vulnerability in the id parameter of the /admin/company/controller.php file...
Campcodes Online Job Finder System SQL Injection Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a SQL injection vulnerability in the UESRID parameter of the /admin/user/controller.php file...
Campcodes Online Job Finder System SQL Injection Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a SQL injection vulnerability in the EMPLOYEEID parameter of the /admin/employee/controller.p...
PT-2024-21503 · Unknown · Campcodes Online Job Finder System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /admin/company/controller.php. The manipulation of the id argument leads to SQL injection. It is...
PT-2024-21508 · Unknown · Campcodes Online Job Finder System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A critical vulnerability has been found in the system, affecting an unknown functionality of the file /admin/category/controller.php. The manipulation of the CATEGORYID argument lead...
PT-2024-21466 · Unknown · Campcodes Online Job Finder System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A critical issue affects the processing of the file /admin/employee/controller.php of the component GET Parameter Handler. The manipulation of the EMPLOYEEID argument leads to SQL...
Gacjie Server Code Issue Vulnerability
Gacjie Server is a platform for monitoring cloud services. A code issue vulnerability exists in Gacjie Server version 1.0 and earlier, which stems from the parameter file in file /app/admin/controller/Upload.php that can lead to unrestricted uploads...
PT-2024-17667 · Juanpao · Juanpao Jpshop
Name of the Vulnerable Software and Affected Versions: Juanpao JPShop versions up to 1.5.02 Description: A critical issue affects some unknown functionality of the file /api/controllers/admin/app/AppController.php of the component API. The manipulation of the app pic url argument leads to...
PT-2023-29775 · Unknown · Thirty Bees Core
Name of the Vulnerable Software and Affected Versions: Thirty Bees Core version 1.4.0 Description: The issue is a reflected cross-site scripting XSS vulnerability. It allows attackers to execute arbitrary JavaScript in a user's web browser via a crafted payload. The vulnerability is exploited...
PT-2023-22794 · Yfcmf · Yfcmf
Name of the Vulnerable Software and Affected Versions: YFCMF versions up to 3.0.4 Description: A problematic issue affects the processing of the file app/admin/controller/Ajax.php. The manipulation of the controllername argument leads to path traversal, allowing an attacker to access files using...
CLTPHP 代码问题漏洞
CLTPHP is an open source PHP content management system for efficient website building. A security vulnerability exists in CLTPHP 6.0 and earlier versions, which originates from an attacker being able to upload dangerous types of files without restriction via...
Online Ordering System 跨站脚本漏洞
Online Ordering System is a multi-store ordering system for janobe individual developers. It can be used for any small business. A cross-site scripting vulnerability exists in SourceCodester Gadget Works Online Ordering System version 1.0, which stems from a problem with the file...
CVE-2023-26957
onekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the component \admin\controller\plugins...
CVE-2023-26957
onekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the component \admin\controller\plugins...
SENS 跨站脚本漏洞
SENS is an enterprise blog system by saysky individual developer. A cross-site scripting vulnerability exists in SENS v1.0, which originates from a cross-site scripting attack XSS on com.liuyanzhao.sens.web.controller.admin, getRegister...
PT-2022-27637 · Sens · Sens
Name of the Vulnerable Software and Affected Versions: SENS version 1.0 Description: The issue is related to Cross Site Scripting XSS via the com.liuyanzhao.sens.web.controller.admin controller, specifically the getRegister function. This allows for potential malicious script execution...
PT-2022-26790 · Xxl-Job · Xxl-Job
Name of the Vulnerable Software and Affected Versions: XXL-Job versions prior to 2.3.1 Description: The issue is related to a Server-Side Request Forgery SSRF in the component /admin/controller/JobLogController.java. This allows for potential exploitation. Recommendations: For versions prior to...