48 matches found
CVE-2026-36388
A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...
CVE-2018-25343
Technical details for CVE-2018-25343 are not publicly available in the provided documents. Monitor for updates.
EUVD-2026-28392
A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...
CVE-2026-36388
A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...
PHPGurukul Hospital Management System 跨站脚本漏洞
PHPGurukul Hospital Management System is a hospital management system developed by PHPGurukul company, based on PHP and MySQL technologies. The PHPGurukul Hospital Management System v4.0 version has a cross-site scripting vulnerability. This vulnerability stems from the...
CVE-2026-36388
A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...
CVE-2026-36388
A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...
CVE-2026-36388
A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...
PT-2026-38450
A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...
CVE-2025-13238
A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this vulnerability is an unknown functionality of the file /agent/profile/edit of the component Edit Profile Page. This manipulation causes unrestricted upload. The attack may be initiated remotely. The exploit has be...
CVE-2025-13245
A vulnerability was identified in code-projects Student Information System 2.0. The impacted element is an unknown function of the file /editprofile.php. Such manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit is publicly available and might be...
CVE-2025-13238 Bdtask Flight Booking Software Edit Profile edit unrestricted upload
A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this vulnerability is an unknown functionality of the file /agent/profile/edit of the component Edit Profile Page. This manipulation causes unrestricted upload. The attack may be initiated remotely. The exploit has be...
CVE-2025-13238
CVE-2025-13238 affects Bdtask Flight Booking Software 4. The Edit Profile Page component (/agent/profile/edit) is susceptible to manipulation that enables unrestricted file uploads. The flaw can be exploited remotely and has publicly available exploit materials. Multiple sources corroborate the i...
Code-Projects Student Information System SQL注入漏洞
Student Information System is a student information system. Student Information System is vulnerable to a SQL injection vulnerability that originates from the /editprofile.php file not effectively filtering user input. No details of the vulnerability are available at this time...
PT-2025-47073
Name of the Vulnerable Software and Affected Versions Bdtask Flight Booking Software version 4 Description A flaw exists in Bdtask Flight Booking Software version 4 that allows for unrestricted file upload through the Edit Profile Page, specifically via the /agent/profile/edit file. This...
Bdtask Flight Booking Software 代码问题漏洞
Bdtask Flight Booking Software is an airline booking software from Bdtask Bangladesh. A code issue vulnerability exists in Bdtask Flight Booking Software that stems from incorrect manipulation of the component Edit Profile Page in the file /agent/profile/edit, which could lead to unlimited upload...
EUVD-2022-24576
Malicious code in bioql PyPI...
EUVD-2025-28886
Malicious code in bioql PyPI...
CVE-2025-9754
A flaw has been found in Campcodes Online Hospital Management System 1.0. The impacted element is an unknown function of the file /edit-profile.php of the component Edit Profile Page. Executing manipulation of the argument Username can lead to cross site scripting. The attack may be launched...
CVE-2025-9754
A flaw has been found in Campcodes Online Hospital Management System 1.0. The impacted element is an unknown function of the file /edit-profile.php of the component Edit Profile Page. Executing manipulation of the argument Username can lead to cross site scripting. The attack may be launched...