7 matches found
PT-2024-22376 · Unknown · Sourcecodester School Task Manager
Name of the Vulnerable Software and Affected Versions: Sourcecodester School Task Manager version 1.0
Description: A vulnerability was identified within the subject_name= parameter, enabling Stored Cross-Site Scripting (XSS) attacks. This issue allows attackers to manipulate the subject's name,...
PT-2024-20969 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01
Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the email_attach_id parameter at the "/LHMail/AttachDown.aspx" API endpoint.
Recommendations: For...
PT-2022-23403 · Totolink · Totolink N350Rt
Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216
Description: A command injection issue was found via the ip parameter in the setDiagnosisCfg function, allowing potential exploitation.
Recommendations: For TOTOLINK N350RT version 9.3.5u.6139...
PT-2022-20959 · Unknown · Newsletter Module
Name of the Vulnerable Software and Affected Versions: Newsletter Module versions 3.x
Description: The issue is related to a SQL injection vulnerability. It can be exploited via the zemez_newsletter_email parameter at the "/index.php" API endpoint.
Recommendations: For Newsletter Module version...
PT-2020-19480 · Simplejobscript.Com · Sjs
Name of the Vulnerable Software and Affected Versions: Simplejobscript.com SJS versions prior to 1.65
Description: An issue was discovered in Simplejobscript.com SJS. There is unauthenticated SQL injection via the search engine, specifically through the landing_location parameter in the...
PT-2018-9820 · Wuzhi · Wuzhi Cms
Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0
Description: The issue allows for persistent XSS via the form%5Bqq_10%5D parameter to the "/index.php?m=member&f=index&v=profile&set_iframe=1" URI. This enables potential attackers to inject malicious scripts into the...
PT-2006-4031 · Nucleus · Nucleus
Name of the Vulnerable Software and Affected Versions: Nucleus version 3.23
Description: The issue allows remote attackers to execute arbitrary PHP code via a URL using the DIR_LIBS parameter in various files, including path/action.php, media.php, /xmlrpc/server.php, and /xmlrpc/api...