9 matches found
EUVD-2023-40138
Malicious code in bioql PyPI...
EUVD-2023-28128
Malicious code in bioql PyPI...
EUVD-2024-16219
Malicious code in bioql PyPI...
CVE-2025-3244
A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add-admin.php of the component Create User Page. The manipulation of the argument Avatar leads to...
CVE-2023-36159
Cross Site Scripting XSS vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page...
CVE-2023-36159
Cross Site Scripting XSS vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page...
Lost and Found Information System Cross-Site Scripting Vulnerability
Lost and Found Information System is a lost and found information system by the individual developer oretnom23. A security vulnerability exists in version 1.0 of the Lost and Found Information System, which can be exploited to run arbitrary code via the First Name and Last Name fields on the Crea...
CVE-2023-24065
The CVE-2023-24065 entry affects NOSH (version 4a5cfdb) and describes a stored XSS vulnerability on the create user page. A crafted first name field can execute JavaScript when visiting /users/2/1, with potential to exfiltrate Protected Health Information in a healthcare-charting context. Public ...
CVE-2023-24065
NOSH 4a5cfdb allows stored XSS via the create user page. For example, a first name of a physician, assistant, or billing user can have a JavaScript payload that is executed upon visiting the /users/2/1 page. This may allow attackers to steal Protected Health Information because the product is for...