68 matches found
CVE-2025-57087
Tenda W30E V16.01.0.19 5037 was discovered to contain a stack overflow in the countryCode parameter in the werlessAdvancedSet function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2023-48837
Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code...
CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code...
CVE-2021-21954
A command execution vulnerability exists in the wificountrycodeupdate functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to arbitrary command execution...
CVE-2023-51315
PHPJabbers Restaurant Booking System v3.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS in the "seatname, pluginsmsapikey, pluginsmscountrycode, title, name" parameters...
CVE-2023-51308
PHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey, title" parameters...
CVE-2023-51303
PHPJabbers Event Ticketing System v1.0 is vulnerable to Multiple HTML Injection in the "lid, name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey, title" parameters...
CVE-2023-51300
PHPJabbers Hotel Booking System v4.0 is vulnerable to Cross-Site Scripting XSS vulnerabilities in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey" parameters...
CVE-2023-51299
PHPJabbers Hotel Booking System v4.0 is vulnerable to HTML Injection in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey, title" parameters...
PT-2025-7288 · Phpjabbers · Phpjabbers Event Ticketing System
Name of the Vulnerable Software and Affected Versions: PHPJabbers Event Ticketing System version 1.0 Description: The PHPJabbers Event Ticketing System is vulnerable to multiple HTML injections in the parameters lid, name, plugin sms api key, plugin sms country code, and title. This issue allows...
EnGenius多款产品 注入漏洞
The EnGenius ENH1350EXT and others are an outdoor wireless access point from EnGenius. An injection vulnerability exists in several EnGenius products, which stems from a command injection due to incorrect operation of the parameter countryCode. The following products are affected: EnGenius...
PT-2025-2542 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A cross-site scripting xss vulnerability exists in the set lang CountryCode functionality of login.cgi. A specially crafted HTTP request can lead to a disclosure of sensitive information...
CVE-2023-48837
Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code...
CVE-2023-48838
Appointment Scheduler 3.0 is vulnerable to Multiple HTML Injection issues via the SMS API Key or Default Country Code...
CVE-2023-48838
Appointment Scheduler 3.0 is vulnerable to Multiple HTML Injection issues via the SMS API Key or Default Country Code...
CVE-2023-48838
Appointment Scheduler 3.0 is vulnerable to Multiple HTML Injection issues via the SMS API Key or Default Country Code...
CVE-2023-48839
Appointment Scheduler 3.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS issues via the name, pluginsmsapikey, pluginsmscountrycode, calendarid, title, country name, or customername parameter...
CVE-2023-48837
Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code...
CVE-2023-48837
Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code...
CVE-2023-48836
Car Rental Script 3.0 is vulnerable to Multiple Stored Cross-Site Scripting XSS issues via the name, pluginsmsapikey, pluginsmscountrycode, calendarid, title, country name, or customername parameter...