Lucene search
K

21 matches found

NVD
NVD
added 2026/02/25 6:16 a.m.18 views

CVE-2026-3164

A vulnerability was found in itsourcecode News Portal Project 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and...

9.8CVSS0.00371EPSS
Exploits1References5
OSV
OSV
added 2025/06/20 2:15 p.m.5 views

CVE-2025-6344

A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /contactus.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit...

9.8CVSS5.8AI score0.00399EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.4 views

Code-Projects Online Shoe Store 注入漏洞

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /contactus.php. An attacker can exploit this vulnerability to execute...

9.8CVSS8.1AI score0.00399EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.12 views

PHPGurukul Medical Card Generation System 安全漏洞

Medical Card Generation System is a medical card generation system. The Medical Card Generation System suffers from an HTML injection vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the pagedes parameter of admin/contactus.php, which can be...

6.1CVSS7.3AI score0.00228EPSS
Exploits1References1
CNVD
CNVD
added 2025/03/27 12:0 a.m.1 views

Art Gallery Management System contactus.php File SQL Injection Vulnerability

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter pagetitle of /admin/contactus.php. An attacker can exploit...

9.8CVSS8.3AI score0.0041EPSS
Exploits1References1
OSV
OSV
added 2025/03/22 9:15 p.m.6 views

CVE-2025-2627

A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be initiated remotely...

9.8CVSS5.8AI score0.0041EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/22 12:0 a.m.11 views

PHPGurukul Art Gallery Management System 注入漏洞

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter pagetitle of /admin/contactus.php. An attacker can exploit...

9.8CVSS8.2AI score0.0041EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/03/05 1:58 p.m.16 views

CVE-2025-1873

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagetitle" and "pagedescription" parameters in admin/contactus.php...

9.8CVSS8.3AI score0.00389EPSS
Exploits0References3
OSV
OSV
added 2025/02/13 4:16 p.m.4 views

CVE-2025-25357

A SQL Injection vulnerability was found in /admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the email POST request parameter...

7.2CVSS6.2AI score0.00694EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/02/13 12:0 a.m.5 views

PT-2025-7086 · Unknown · Phpgurukul Land Record System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Land Record System version 1.0 Description: A SQL Injection issue was found in the /admin/contactus.php file, allowing remote attackers to execute arbitrary code via the email POST request parameter. This enables attackers to...

7.2CVSS8.6AI score0.00694EPSS
Exploits1References8
CNVD
CNVD
added 2024/12/30 12:0 a.m.2 views

Maid Hiring Management System /admin/contactus.php File Cross-Site Scripting Vulnerability

Maid Hiring Management System is a maid hiring management system. The Maid Hiring Management System suffers from a cross-site scripting vulnerability that stems from a lack of sufficient input validation for the page title parameter in the /admin/contactus.php file. An attacker can exploit this...

6.1CVSS6.1AI score0.00344EPSS
Exploits0References1
OSV
OSV
added 2024/12/29 2:15 p.m.3 views

CVE-2024-13013

A vulnerability, which was classified as problematic, was found in PHPGurukul Maid Hiring Management System 1.0. Affected is an unknown function of the file /admin/contactus.php of the component Contact Us Page. The manipulation of the argument page title leads to cross site scripting. It is...

6.1CVSS3.7AI score0.00344EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/12/29 12:0 a.m.2 views

PHPGurukul Maid Hiring Management System 代码注入漏洞

Maid Hiring Management System is a maid hiring management system. The Maid Hiring Management System suffers from a cross-site scripting vulnerability that stems from a lack of sufficient input validation for the page title parameter in the /admin/contactus.php file. An attacker can exploit this...

6.1CVSS3.8AI score0.00344EPSS
Exploits0References4
OSV
OSV
added 2023/07/13 5:15 p.m.3 views

CVE-2023-37746

A cross-site scripting XSS vulnerability in Maid Hiring Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter of the /admin/contactus.php component...

6.1CVSS5.9AI score0.00314EPSS
Exploits0References1
OSV
OSV
added 2023/04/21 8:15 a.m.3 views

CVE-2023-2206

A vulnerability classified as critical has been found in Campcodes Retro Basketball Shoes Online Store 1.0. This affects an unknown part of the file contactus.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS6.5AI score
Exploits0References3
OSV
OSV
added 2021/03/24 2:15 p.m.3 views

CVE-2021-27320

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter...

7.5CVSS7.1AI score0.09299EPSS
Exploits3References2
OSV
OSV
added 2021/03/24 2:15 p.m.5 views

CVE-2021-27319

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via email parameter...

7.5CVSS7.1AI score0.07826EPSS
Exploits3References1
CNNVD
CNNVD
added 2021/03/03 12:0 a.m.7 views

Sourcecodesterk Doctor Appointment System SQL注入漏洞

Doctor Appointment System is a PHP/MySQLi based doctor appointment system. A SQL blind injection vulnerability exists in contactus.php in Doctor Appointment System 1.0. The vulnerability can be exploited to insert malicious SQL queries via email parameters...

7.5CVSS5.9AI score0.07826EPSS
Exploits3References2
Openbugbounty
Openbugbounty
added 2017/06/13 9:2 p.m.13 views

asahi-spectra.com XSS vulnerability

Open Bug Bounty ID: OBB-247706 Description| Value ---|--- Affected Website:| asahi-spectra.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/04/13 3:34 p.m.9 views

thornliebowlsclub.com.au XSS vulnerability

Vulnerable URL: http://www.thornliebowlsclub.com.au/contactus/index.cfm Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...

6.3AI score
Exploits0
Rows per page
Query Builder