5 matches found
EUVD-2019-6034
Malware in sbrugna...
CVE-2023-3564
A vulnerability was found in GZ Scripts GZ Multi Hotel Booking System 1.8. It has been classified as problematic. Affected is an unknown function of the file /index.php. The manipulation of the argument adults/children/calid leads to cross site scripting. It is possible to launch the attack...
Sql injection
REDCap before 9.3.0 allows time-based SQL injection in the edit calendar event via the calid parameter, such as calid=55 and sleep3 to Calendar/calendarpopupajax.php. The attacker can obtain a user's login sessionid from the database, and then re-login into REDCap to compromise all data...
Employee Work Schedule 5.9 - cal_id SQL Injection
Employee Work Schedule 5.9 - calid SQL Injection Exploit Title: EWS 5.9 - 'search' SQL Injection Dork: N/A Date: 25.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/employee-work-schedule-multicalendar/10545683 Version: 5.9 Category: Webapps Tested on...
Sql injection
SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL commands via the 1 calid parameter in calendar.php3 and the 2 password field on the login page...