CVE-2025-44830

EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface...

engineercms cross-site scripting vulnerability

engineercms is an open source engineer knowledge management system . Specifically for civil engineers to create a suitable web-based knowledge management system . It can be used to manage both individual project information , but also for managing project team information ; it can run on both...

CVE-2021-36605

engineercms 1.03 is vulnerable to Cross Site Scripting XSS. There is no escaping in the nickname field on the user list page. When viewing this page, the JavaScript code will be executed in the user's browser...

CVE-2021-36605

engineercms 1.03 is vulnerable to Cross Site Scripting XSS. There is no escaping in the nickname field on the user list page. When viewing this page, the JavaScript code will be executed in the user's browser...

Cross site scripting

engineercms 1.03 is vulnerable to Cross Site Scripting XSS. There is no escaping in the nickname field on the user list page. When viewing this page, the JavaScript code will be executed in the user's browser...

engineercms 跨站脚本漏洞

engineercms is an open source engineer knowledge management system . Specifically for civil engineers to create a suitable web-based knowledge management system . It can be used to manage both individual project information , but also for managing project team information ; it can run on both...

CVE-2021-36605

engineercms 1.03 is affected by a Cross-Site Scripting (XSS) vulnerability in the nickname field on the user list page due to lack of escaping. When an admin or user views the page, the embedded JavaScript can be executed in the attacker’s browser, potentially compromising user sessions or creden...

CVE-2021-36605

engineercms 1.03 is vulnerable to Cross Site Scripting XSS. There is no escaping in the nickname field on the user list page. When viewing this page, the JavaScript code will be executed in the user's browser...