88 matches found
CVE-2022-1288 School Club Application System cross site scripting
A vulnerability, which was classified as problematic, has been found in School Club Application System 1.0. This issue affects access to /scas/admin/. The manipulation of the parameter page with the input %22%3E%3Cimg%20src=x%20onerror=alert(1)%3E leads to a reflected cross site scripting. The atta...
CVE-2022-1288
CVE-2022-1288 – School Club Application System 1.0 suffers a reflected cross-site scripting (XSS) vulnerability in the /scas/admin/ page. The issue is triggered by manipulating the page parameter with the payload “%22%3E%3Cimg%20src=x%20onerror=alert(1)%3E”, which can be exploited remotely withou...
CVE-2022-1287
The CVE-2022-1287 entry concerns School Club Application System 1.0. A vulnerability in the handler for POST requests to /scas/classes/Users.php?f=save_user allows privilege escalation. The flaw is exploitable remotely without authentication, and exploitation has been publicly disclosed. This is ...
School Club Application System Injection Vulnerability
School Club Application System is a school club application system by Carlo Montero Personal Developer. A security vulnerability exists in School Club Application System version 1.0, which stems from an action on a POST request that results in an escalation of privileges. A remote attacker can us...
SQL Injection Vulnerability in Tianxin SCADA System of Tianxin Instrumentation Group Limited (CNVD-2021-45218)
TIANXIN Instrumentation Group Limited is a professional service provider of flow meters and gas application system solutions in China. A SQL injection vulnerability exists in the TIANXIN SCADA system of TIANXIN Instrumentation Group Limited, which can be exploited by attackers to obtain sensitive...
Security Bulletin: Multiple vulnerabilities in Cloud Pak System
Summary There are vulnerabilities in Cloud Pak System previously known as PureApplication System. It applies to Cloud Pak System, Software, and Service. Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2019-4096 DESCRIPTION: IBM Pure Application System uses a...
SQL Injection Vulnerability in Penta Campus Network Application System Management Software
PantoSchool.Net is a complete solution for networked learning schools! A SQL injection vulnerability exists in PantoSchool.Net Application System Management Software. An attacker can exploit the vulnerability to obtain sensitive information from the database...
University Application System 1.0 Cross Site Request Forgery / SQL Injection
Exploit Title: University Application System 1.0 - SQL Injection / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-10-30 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/pamzey Software Link:...
Security Bulletin: IBM Pure Application System is affected by a vulnerability in the GSKit component (CVE-2017-3736)
Summary There is a vulnerability in the GSKit component used by IBM Pure Application System. The following vulnerability has been addressed. Vulnerability Details CVEID: CVE-2017-3736 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagation...
Hebei Xinhe Technology Co., Ltd. creative portal application system suffers from arbitrary file download vulnerability
The Creative Portal Application is a platform for website content publishing and management, and is a tool for building unit portal applications. The Creative Portal Application System of Hebei Xinhe Technology Co., Ltd. suffers from an arbitrary file download vulnerability. Allow attackers to...
File Uploader 1.1 index.php config[root_ordner] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/25253/info File Uploader is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application...
Arasism (IR) CMS Shell Upload Vulnerability
Exploit for php platform in category web applications Arasism IR CMS - File Upload Vulnerability Details: ======== A File Upload vulnerability is detected in the famous Iranian Arasism.com Content Management Panel System. The vulnerability allows a remote attacker with low privileged user accou...
VLC Media Player OGG Demuxer Buffer Overflow Vulnerability (Windows)
This host is installed with VLC Media Player and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbvlcmediaplayeroggdemuxerbofvulnwin.nasl 8174 2017-12-19 12:23:25Z cfischer $ VLC Media Player OGG Demuxer Buffer Overflow Vulnerability Windows Authors: Madhuri D Copyrigh...
Putty Denial of Service Vulnerability
This host is installed with Putty and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: secpodputtydosvulnwin.nasl 6519 2017-07-04 14:08:14Z cfischer $ Putty Denial of Service Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 SecPod, http://www.secpod.com Thi...
Adobe Flash Player Unspecified Cross-Site Scripting Vulnerability June-2011 (Linux)
This host is installed with Adobe Flash Player and is prone to cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbadobeflashplayerxssvulnlinjun11.nasl 5424 2017-02-25 16:52:36Z teissa $ Adobe Flash Player Unspecified Cross-Site Scripting Vulnerability June-2011 Linux Authors:...
Adobe Photoshop Multiple Vulnerabilities
This host is installed with Adobe Photoshop and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodadobephotoshopmultvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ Adobe Photoshop Multiple Vulnerabilities. Authors: Madhuri D Copyright: Copyright c 2011 SecPod,...
Adobe Flash Player/Air Multiple Vulnerabilities - August10 (Linux)
This host is installed with Adobe Flash Player/Air and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbadobeprdtsmultdosvulnaug10lin.nasl 6476 2017-06-29 07:32:00Z cfischer $ Adobe Flash Player/Air Multiple Vulnerabilities - August10 Linux Authors: Sooraj KS Copyright:...
OpenOffice Multiple Remote Code Execution Vulnerabilities - Feb10
This host has OpenOffice running which is prone to multiple remote code execution vulnerabilities. OpenVAS Vulnerability Test $Id: gbopenofficemultcodeexecvulnwinfeb10.nasl 5323 2017-02-17 08:49:23Z teissa $ OpenOffice Multiple Remote Code Execution Vulnerabilities - Feb10 Authors: Veerendra G...
Firefox Multiple Vulnerabilities Dec-09 (Linux)
The host is installed with Firefox Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfirefoxmultvulndec09lin02.nasl 5055 2017-01-20 14:08:39Z teissa $ Firefox Multiple Vulnerabilities Dec-09 Linux Authors: Sharath S Copyright: Copyright c 2009 SecPod,...