CVE-2024-4645 SourceCodester Prison Management System changepassword.php cross site scripting

A vulnerability was found in SourceCodester Prison Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /Admin/changepassword.php. The manipulation of the argument txtoldpassword/txtnewpassword/txtconfirmpassword leads to cross site scripting...

CVE-2024-4644

A vulnerability has been found in SourceCodester Prison Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /Employee/changepassword.php. The manipulation of the argument txtoldpassword/txtnewpassword/txtconfirmpassword leads to cross site...

CVE-2024-4644 SourceCodester Prison Management System changepassword.php cross site scripting

A vulnerability has been found in SourceCodester Prison Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /Employee/changepassword.php. The manipulation of the argument txtoldpassword/txtnewpassword/txtconfirmpassword leads to cross site...

CVE-2024-4644 SourceCodester Prison Management System changepassword.php cross site scripting

A vulnerability has been found in SourceCodester Prison Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /Employee/changepassword.php. The manipulation of the argument txtoldpassword/txtnewpassword/txtconfirmpassword leads to cross site...

CVE-2023-0641 PHPGurukul Employee Leaves Management System changepassword.php weak password

A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password...

CVE-2023-0641

PHPGurukul's Employee Leaves Management System 1.0 contains a vulnerability in changepassword.php where manipulating newpassword/confirmpassword weakens password requirements. The issue is remotely exploitable with high impact on confidentiality/integrity (per CVSS). Connected documents corrobora...

Lead Management System SQL Injection Vulnerability (CNVD-2023-05740)

Lead management system is a lead management system developed by Mayuri K. The Lead Management System v1.0 version is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the userid parameter of changePassword.php. An attacker could use this...

CVE-2022-47859

Lead Management System v1.0 is vulnerable to SQL Injection via the userid parameter in changePassword.php...

Sql injection

Lead Management System v1.0 is vulnerable to SQL Injection via the userid parameter in changePassword.php...

CVE-2022-47859

Lead Management System v1.0 is affected by a SQL Injection in the user_id parameter of changePassword.php. The CVE description and multiple connected records consistently identify the root cause as unsanitized/validated input in changePassword.php, enabling arbitrary SQL execution with high impac...

PT-2023-15494 · Unknown · Lead Management System

Name of the Vulnerable Software and Affected Versions: Lead Management System version 1.0 Description: The issue concerns SQL Injection via the user id parameter in the changePassword.php file. This allows for potential unauthorized access and manipulation of data. Recommendations: For Lead...

CVE-2022-47859

Lead Management System v1.0 is vulnerable to SQL Injection via the userid parameter in changePassword.php...

CVE-2022-45221

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in changepassword.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtnewpassword parameter...

Cross site scripting

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in changepassword.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtnewpassword parameter...

CVE-2022-45221

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in changepassword.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtnewpassword parameter...

Web-Based Student Clearance System 跨站脚本漏洞

Web-Based Student Clearance System is a web-based student clearance system by the individual developer Ndueso Okorie. A security vulnerability exists in Web-Based Student Clearance System version v1.0, which was discovered to contain a cross-site scripting XSS vulnerability via changepassword.php...

CVE-2012-4393

Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users for requests that use 1 addBookmark.php, 2 delBookmark.php, or 3 editBookmark.php in bookmarks/ajax/; 4 calendar/delete.php, 5 calendar/edit.php...

CVE-2008-4427

changepassword.php in Phlatline's Personal Information Manager pPIM 1.0 and earlier does not require administrative authentication, which allows remote attackers to change arbitrary passwords...

CVE-2008-4427

changepassword.php in Phlatline's Personal Information Manager pPIM 1.0 and earlier does not require administrative authentication, which allows remote attackers to change arbitrary passwords...

CVE-2008-4427

CVE-2008-4427 affects Phlatline’s Personal Information Manager (pPIM) up to version 1.0. The vulnerability is that changepassword.php does not require administrative authentication, enabling remote attackers to change arbitrary user passwords. This is the explicitly described impact in the CVE en...