87 matches found
CVE-2023-24684
ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php...
ChurchCRM SQL注入漏洞
ChurchCRM is an open source CRM system for churches. A security vulnerability exists in ChurchCRM v4.5.3 and earlier versions that stems from the presence of a SQL injection vulnerability via the EID parameter in GetText.php...
PT-2022-17849 · Unknown · Sourcecodester Online Admission System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Admission System affected versions not specified Description: A critical issue affects the component GET Parameter Handler in the SourceCodester Online Admission System. The manipulation of the eid argument leads to SQL...
CVE-2022-32991
Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php...
CVE-2022-32991
Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php...
Web Based Quiz System SQL注入漏洞
Web Based Quiz System is an application used for a simple online based project. Web Based Quiz System v1.0 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the eid parameter of welcome.php. An attacker could use this vulnerability to...
CVE-2021-46307
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php...
CVE-2021-46307
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php...
CVE-2021-46307
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php...
SourceCodester Online Examination System SQL注入漏洞
SourceCodester Projectworlds Online Examination System is an online examination system from SourceCodester, Inc. v1.0 contains a SQL injection vulnerability that stems from the failure of the eid parameter in the product's account.php page to properly filter special characters in user input data...
Cross site scripting
Multiple Cross Site Scripting XSS vulnerabilities exist in SourceCodester Tailor Management 1.0 via the 1 eid parameter in a partedit.php and b customeredit.php, the 2 id parameter in a editmeasurement.php and b addpayment.php, and the 3 error parameter in index.php...
CVE-2021-40260
Multiple Cross Site Scripting XSS vulnerabilities exist in SourceCodester Tailor Management 1.0 via the 1 eid parameter in a partedit.php and b customeredit.php, the 2 id parameter in a editmeasurement.php and b addpayment.php, and the 3 error parameter in index.php...
Online Examination System 1.0 SQL Injection
Exploit Title: Online Examination System 1.0 - 'eid' SQL Injection Google Dork: N/A Date: 2020-05-16 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14210/online-examination-system-project-using-phpmysql.html Software Link:...
DEBIAN-CVE-2019-7332
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' aka Event ID parameter value in the view download download.php because proper filtration is omitted...
UBUNTU-CVE-2019-7332
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' aka Event ID parameter value in the view download download.php because proper filtration is omitted...
CVE-2019-7332
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' aka Event ID parameter value in the view download download.php because proper filtration is omitted...
PT-2019-18537 · Zoneminder +3 · Zoneminder +3
Name of the Vulnerable Software and Affected Versions: ZoneMinder versions prior to 1.32.4 Description: A Reflected Cross Site Scripting issue exists, allowing an attacker to execute HTML or JavaScript code via a vulnerable eid parameter value in the "download.php" API endpoint, due to omitted...
CVE-2018-17394
SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter...
Sql injection
SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter...
CVE-2010-0796
SQL injection vulnerability in the JE Quiz comjequizmanagement component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php...