14 matches found
CVE-2024-40392
SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 was discovered to contain a SQL injection vulnerability via the name parameter under addnew.php...
Cross-site Scripting (XSS)
Overview: org.webjars:bootstrap is a WebJar for Bootstrap. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the Tooltip and Popover components due to improper neutralization of input during web page generation. An attacker can manipulate the output of web pages by...
CVE-2024-40392
SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 was discovered to contain a SQL injection vulnerability via the name parameter under addnew.php...
Number withdrawn
Bootstrap is an open source web front-end framework developed using HTML, CSS, and JavaScript by Bootstrap. ch is a ClickHouse open source low-level Go client for ClickHouse. This CVE number has been withdrawn...
jfinal cms security vulnerability
jfinal cms is a powerful information consulting website system developed in Java, using the simple and powerful JFinal as the web framework, beetl as the template engine, MySQL as the database, and Bootstrap as the front-end framework. jfinal cms v5.1.0 has a security vulnerability, the source of the...
Jfinal CMS SQL Injection Vulnerability (CNVD-2022-58382)
Jfinal CMS is a powerful information consulting website system developed in Java, using the simple and powerful JFinal as the web framework, beetl as the template engine, MySQL as the database, and Bootstrap as the front-end framework. Jfinal CMS version v5.1.0 has a SQL injection vulnerability that originates from...
Jfinal CMS Cross-Site Scripting Vulnerability (CNVD-2022-58383)
Jfinal CMS is a powerful information consulting website system developed in Java, using the simple and powerful JFinal as the web framework, beetl as the template engine, MySQL as the database, and Bootstrap as the front-end framework. Jfinal CMS v5.1.0 has a cross-site scripting vulnerability, the...
H+ backend theme UI framework has file upload vulnerability
H+ Backend Theme UI Framework is a fully responsive, flat theme developed based on the latest version of Bootstrap 3.3.6. A file upload vulnerability exists in the H+ Backend Theme UI Framework, which can be exploited by an attacker to gain control of the server...
Pharmacy Medical Store and Sale Point 1.0 - 'catid' SQL Injection
Title: Pharmacy Medical Store and Sale Point 1.0 - 'catid' SQL Injection | Exploit Author: Moaaz Taha 0xStorm | Date: 2020-08-18 | Vendor Homepage: https://www.sourcecodester.com/php/14398/pharmacymedical-store-sale-point-using-phpmysql-bootstrap-framework.html | Software Link:...
Heybbs Micro Community v1.2 suffers from SQL injection vulnerability (CNVD-2020-23505)
HEYBBS micro-community is a micro-community program with a front end based on bootstrap+jq+css and a back end developed in php+mysql. Heybbs Micro Community v1.2 has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
ArticleCMS has a file upload vulnerability
ArticleCMS is a responsive information website management system built on Bootstrap 3.2 and ThinkPHP 5.0. ArticleCMS has a file upload vulnerability that can be exploited by attackers to gain server privileges...
Bootstrap Cross-Site Scripting Vulnerability (CNVD-2019-23271)
Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript. A cross-site scripting vulnerability exists in the tooltip data-viewport attribute in Bootstrap versions prior to 3.4.0, which can be exploited by remote attackers to inject arbitrary web script or HTML...
DRUPAL-CONTRIB-2018-074
This base theme bridges the gap between Drupal and the Bootstrap Framework. The theme doesn't sufficiently filter valid targets under the scenario of opening modals, popovers, and tooltips. This vulnerability is mitigated by the fact that an attacker must already have the ability to either: 1...
Bootstrap - Moderately critical - Cross site scripting - SA-CONTRIB-2018-074
This base theme bridges the gap between Drupal and the Bootstrap Framework. The theme doesn't sufficiently filter valid targets under the scenario of opening modals, popovers, and tooltips. This vulnerability is mitigated by the fact that an attacker must already have the ability to either:...