13 matches found
CVE-2025-40690
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'teamid' parameter in the endpoint '/ofrs/admin/edit-team.php'...
EUVD-2025-28903
Malicious code in bioql PyPI...
CVE-2025-40693
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a reflected and stored authenticated XSS due to the lack of propper validation of user inputs 'tname' parameter via GET and, 'teamleadname', 'teammember' and 'teamname' parameters via POST at the...
CVE-2025-40693
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a reflected and stored authenticated XSS due to the lack of propper validation of user inputs 'tname' parameter via GET and, 'teamleadname', 'teammember' and 'teamname' parameters via POST at the...
CVE-2025-40690
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'teamid' parameter in the endpoint '/ofrs/admin/edit-team.php'...
CVE-2025-40690
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'teamid' parameter in the endpoint '/ofrs/admin/edit-team.php'...
CVE-2025-40693
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a reflected and stored authenticated XSS due to the lack of propper validation of user inputs 'tname' parameter via GET and, 'teamleadname', 'teammember' and 'teamname' parameters via POST at the...
CVE-2025-40693 Cross Site Scripting in PHPGurukul Online Fire Reporting System
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a reflected and stored authenticated XSS due to the lack of propper validation of user inputs 'tname' parameter via GET and, 'teamleadname', 'teammember' and 'teamname' parameters via POST at the...
CVE-2025-40693
CVE-2025-40693 : Stored Cross-Site Scripting in Online Fire Reporting System v1.2 (PHPGurukul) arises from insufficient validation of inputs: GET parameter tname and POST parameters teamleadname, teammember, and teamname at /ofrs/admin/edit-team.php. This authenticated XSS can enable an attacker ...
CVE-2025-40693 Cross Site Scripting in PHPGurukul Online Fire Reporting System
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a reflected and stored authenticated XSS due to the lack of propper validation of user inputs 'tname' parameter via GET and, 'teamleadname', 'teammember' and 'teamname' parameters via POST at the...
CVE-2025-40690 SQL injection in PHPGurukul Online Fire Reporting System
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'teamid' parameter in the endpoint '/ofrs/admin/edit-team.php'...
Online Fire Reporting System SQL注入漏洞
Online Fire Reporting System is an online fire reporting system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Online Fire Reporting System version 1.2, which stems from incorrect manipulation of the parameter teamid in the endpoint /ofrs/admin/edit-team.php, which...
PT-2025-37172
Name of the Vulnerable Software and Affected Versions: Online Fire Reporting System version 1.2 Description: The Online Fire Reporting System contains a SQL injection issue. An attacker can retrieve, create, update, and delete database information via the teamid parameter in the...