1057 matches found
Landray EKP 安全漏洞
Landray EKP is an office automation solution from China-based Landray that enables companies to easily model and manage. A security vulnerability exists in Landray EKP V16 and prior versions, which stems from the presence of a cross-site scripting XSS vulnerability that allows an attacker to...
CVE-2024-48284
A Reflected Cross-Site Scripting XSS vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary scripts via the searchkey parameter in a POST HTTP request...
CVE-2024-50836
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and lastname parameters...
CVE-2024-50838
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the d and pi parameters...
CVE-2024-50841
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/calendarofevents.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the datestart, dateend, and title parameters...
CVE-2024-50840
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the classname parameter...
CVE-2024-50842
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/schoolyear.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the schoolyear parameter...
CVE-2024-50839
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/addsubject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subjectcode and title parameters...
CVE-2024-50838
A Stored Cross-Site Scripting (XSS) vulnerability affects Kashipara E-learning Management System Project 1.0, located in /admin/department.php. The flaw allows remote attackers to inject and execute arbitrary scripts via the d and pi parameters. According to the connected documents, the issue is ...
CVE-2024-50840
The CVE-2024-50840 entry describes a Stored XSS vulnerability in Kashipara E-learning Management System Project 1.0, exploitable via /admin/class.php with the class_name parameter. The root cause is unsanitized input allowing script execution in the victim’s browser. Per the connected data, the i...
CVE-2024-50842
CVE-2024-50842 describes a stored XSS in Kashipara E-learning Management System Project 1.0, affecting the /admin/school_year.php endpoint. The vulnerability allows remote attackers to inject and execute arbitrary scripts through the school_year parameter, implying an stored XSS due to improper i...
CVE-2024-50841
CVE-2024-50841 is a stored XSS vulnerability in Kashipara E-learning Management System Project 1.0. The issue resides in the /admin/calendar_of_events.php endpoint, where user-controlled input in the fields date_start, date_end, and title can be stored and later reflected, enabling remote script ...
CVE-2024-50841
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/calendarofevents.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the datestart, dateend, and title parameters...
CVE-2024-50839
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/addsubject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subjectcode and title parameters...
CVE-2024-50842
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/schoolyear.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the schoolyear parameter...
CVE-2024-50837
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/adminuser.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username parameters...
CVE-2024-50841
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/calendarofevents.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the datestart, dateend, and title parameters...
CVE-2024-50840
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the classname parameter...
CVE-2024-50837
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/adminuser.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username parameters...
CVE-2024-50842
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/schoolyear.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the schoolyear parameter...