16 matches found
EUVD-2026-10269
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...
EUVD-2024-53481
Malicious code in bioql PyPI...
EUVD-2024-16787
Malicious code in bioql PyPI...
CVE-2025-4934
CVE-2025-4934 affects PHPGurukul User Registration & Login and User Management System 3.3. The vulnerability is in unknown code of /edit-profile.php where manipulating the Contact parameter triggers an SQL injection. Exploitation is possible remotely and has been disclosed publicly. Multiple sour...
CVE-2024-56998
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting XSS in /edit-profile.php via the parameter $address...
CVE-2024-48278
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery CSRF via /edit-profile.php...
CVE-2024-4512 SourceCodester Prison Management System edit-profile.php cross site scripting
A vulnerability classified as problematic was found in SourceCodester Prison Management System 1.0. This vulnerability affects unknown code of the file /Employee/edit-profile.php. The manipulation of the argument txtfullname/txtdob/txtaddress/txtqualification/cmddept/cmdemployeetype/txtappointmen...
Cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation of the argument fullname/phone/date of birth/address/date of appointment leads to cross site scripting. It is...
CVE-2024-1010 SourceCodester Employee Management System edit-profile.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation of the argument fullname/phone/date of birth/address/date of appointment leads to cross site scripting. It is...
CVE-2024-1010
CVE-2024-1010 describes a cross-site scripting vulnerability in SourceCodester Employee Management System 1.0, affecting the edit-profile.php file. The issue arises from manipulating the parameters fullname, phone, date of birth, address, and date of appointment, enabling remote, client-side scri...
CVE-2022-2681 SourceCodester Online Student Admission System Student User Page edit-profile.php cross site scripting
A vulnerability classified as problematic was found in SourceCodester Online Student Admission System. Affected by this vulnerability is an unknown functionality of the file edit-profile.php of the component Student User Page. The manipulation with the input alert/xss/ leads to cross site...
CVE-2022-2681 SourceCodester Online Student Admission System Student User Page edit-profile.php cross site scripting
A vulnerability classified as problematic was found in SourceCodester Online Student Admission System. Affected by this vulnerability is an unknown functionality of the file edit-profile.php of the component Student User Page. The manipulation with the input alert/xss/ leads to cross site...
CVE-2020-22173
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information...
CVE-2020-22173
CVE-2020-22173 affects PHPGurukul Hospital Management System v4.0, with a SQL injection vulnerability in the hms/edit-profile.php that enables remote unauthenticated access to sensitive database information. Exploitation details are consistently described as a SQLi in hms/edit-profile.php across ...
CVE-2018-15187
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php...
CVE-2018-15187
CVE-2018-15187 concerns PHP Scripts Mall’s advanced-real-estate-script v4.0.9, where a Cross-Site Request Forgery (CSRF) flaw in edit-profile.php enables unauthorized actions. The CVSS details indicate a high-severity impact (CVSS3 8.0, HIGH; vector: NETWORK, LOW attack complexity, PR: LOW, UI: R...