CVE-2025-12280

A vulnerability was found in code-projects Client Details System 1.0. This issue affects some unknown processing of the file /update-clients.php. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be...

EUVD-2016-1729

Malware in sbrugna...

CVE-2024-8867 Perfex CRM Parameter Clients.php cross site scripting

A vulnerability was found in Perfex CRM 3.1.6. It has been declared as problematic. This vulnerability affects unknown code of the file application/controllers/Clients.php of the component Parameter Handler. The manipulation of the argument message leads to cross site scripting. The attack can be...

CVE-2023-7141 code-projects Client Details System update-clients.php sql injection

A vulnerability was found in code-projects Client Details System 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/update-clients.php. The manipulation of the argument uid leads to sql injection. The exploit has been disclosed to the public and may be...

Sql injection

ProjectSend formerly cFTP r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selectedclients, clients.php with the request parameter status, process-zip-download.php with the...

CVE-2016-10731

CVE-2016-10731 affects ProjectSend (formerly cFTP) r582 and enables SQL injection via multiple PHP endpoints: manage-files.php (status, files), clients.php (selected_clients, status), process-zip-download.php (file), or home-log.php (action). Root cause: input parameters are used in SQL queries w...

ProjectSend r561 CSRF / XSS / Shell Upload

Author: TUNISIAN CYBER + Title: ProjectSend Multiple Vulnerabilities + Date: 25-04-2015 + Vendor: http://www.projectsend.org/ + Download:http://www.projectsend.org/download/67/ + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R It's a long one so let's start... I/ CSRF: Add Admin...

BrowserCRM 5.002.00 (clients.php) Remote File Inclusion Vulnerability

No description provided by source. script: browsercrm-5.002.00 remote file including Download From: http://www.browsercrm.com/download/browsercrm-5.002.00.tar.gz dork: Copyright 2007 BrowserCRM Ltd Vuln Code : requireonce$bcrmpubroot . "/publicprepend.inc.php" exploit:...

BrowserCRM 5.002.00 (clients.php) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ===================================================================== BrowserCRM 5.002.00 clients.php Remote File Inclusion Vulnerability ===================================================================== script: browsercrm-5.002.00...

BrowserCRM 5.002.00 - 'clients.php' Remote File Inclusion

script: browsercrm-5.002.00 remote file including Download From: http://www.browsercrm.com/download/browsercrm-5.002.00.tar.gz dork: Copyright © 2007 BrowserCRM Ltd Vuln Code : requireonce$bcrmpubroot . "/publicprepend.inc.php" exploit:...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via 1 the contactsearch parameter and 2 unspecified url fields...

CVE-2006-0509

Multiple cross-site scripting XSS vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via 1 the contactsearch parameter and 2 unspecified url fields...

CVE-2006-0509

CVE-2006-0509 describes multiple cross-site scripting (XSS) vulnerabilities in Cerberus Helpdesk, affecting the files around clients.php (likely in version ~2.7). The vulnerabilities allow remote attackers to inject arbitrary web script or HTML through the parameters contact_search and unspecifie...