13 matches found
EUVD-2024-16570
Malicious code in bioql PyPI...
CVE-2024-0782
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting. The attack can be...
CVE-2024-7912 CodeAstro Online Railway Reservation System assets exposure of information through directory listing
A vulnerability was found in CodeAstro Online Railway Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/assets/. The manipulation leads to exposure of information through directory listing. The attack can be initiated remotely...
CVE-2024-7910 CodeAstro Online Railway Reservation System Profile Photo Update emp-profile-avatar.php unrestricted upload
A vulnerability was found in CodeAstro Online Railway Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/emp-profile-avatar.php of the component Profile Photo Update Handler. The manipulation leads to unrestricted upload. The...
CVE-2024-7910 CodeAstro Online Railway Reservation System Profile Photo Update emp-profile-avatar.php unrestricted upload
A vulnerability was found in CodeAstro Online Railway Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/emp-profile-avatar.php of the component Profile Photo Update Handler. The manipulation leads to unrestricted upload. The...
CVE-2024-7815
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-update-employee.php of the component Update Employee Page. The manipulation of the argument empfname...
CVE-2024-7814
CVE-2024-7814 affects CodeAstro Online Railway Reservation System 1.0, with a Cross-Site Scripting vulnerability in /admin/admin-add-employee.php (unknown function). The issue arises from manipulating parameters emp_fname, emp_lname, emp_nat_idno, and emp_addr, enabling remote XSS as described in...
CVE-2024-7814 CodeAstro Online Railway Reservation System Add Employee Page admin-add-employee.php cross site scripting
A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservation System 1.0. Affected is an unknown function of the file /admin/admin-add-employee.php of the component Add Employee Page. The manipulation of the argument empfname /emplname /empnatidno/empaddr...
CVE-2024-7814 CodeAstro Online Railway Reservation System Add Employee Page admin-add-employee.php cross site scripting
A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservation System 1.0. Affected is an unknown function of the file /admin/admin-add-employee.php of the component Add Employee Page. The manipulation of the argument empfname /emplname /empnatidno/empaddr...
Cross site scripting
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting. The attack can be...
CVE-2024-0782 CodeAstro Online Railway Reservation System pass-profile.php cross site scripting
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting. The attack can be...
CVE-2024-0782 CodeAstro Online Railway Reservation System pass-profile.php cross site scripting
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting. The attack can be...
CVE-2024-0782
The CVE-2024-0782 entry affects CodeAstro Online Railway Reservation System 1.0, targeting pass-profile.php. The flaw arises from manipulation of the First Name/Last Name/User Name parameters, enabling cross-site scripting (XSS). Exploitation is described as remote with publicly disclosed details...