CVE-2023-49272

Hotel Management v1.0 is affected by multiple authenticated Reflected XSS flaws. The vulnerability stems from the children parameter in reservation.php, whose value is echoed into the HTML document as plain text. This could allow attackers who have valid access to craft inputs that are reflected ...

SLIMS 9.5.2 Cross Site Scripting Vulnerability

Title: SLIMS-9.5.2 - XSS Reflected - Account Exploit Development: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.5.2 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.2 Description:...

Senayan Library Management System 9.2.1 Cross Site Scripting Vulnerability

Title: Senayan Library Management System v9.2.1 a.k.a SLIMS 9 XSS-Reflected - inserting gif - redirect to outside HTTPS server Author: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/download/v9.2.1/slims9bulian-9.2.1.zip Reference:...

CVE-2021-3529

A flaw was found in noobaa-core in versions before 5.7.0. This flaw results in the name of an arbitrarily URL being copied into an HTML document as plain text between tags, including potentially a payload script. The input was echoed unmodified in the application response, resulting in arbitrary...