6 matches found
CVE-2026-2150
A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /checkin.php. This manipulation of the argument patientid causes cross site scripting. The attack can be initiated remotely. Th...
CVE-2024-8301
A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax/checkin.php. The manipulation of the argument username leads to sql injection. The attack can b...
CVE-2024-30924
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component...
CVE-2024-30924
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component...
CVE-2024-30924
DerbyNet v9.0 and earlier are affected by a Cross‑Site Scripting vulnerability in the checkin.php component. The issue arises from improper handling/validation of the order parameter, which is embedded into JavaScript without proper sanitization, allowing an attacker to inject scripts and potenti...
CVE-2024-30924
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component...