178 matches found
CVE-2024-41240
A Reflected Cross Site Scripting XSS vulnerability was found in " /smsa/teacherlogin.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter...
PT-2024-29319 · Unknown · Kashipara Responsive School Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Responsive School Management System version 3.2.0 Description: A Reflected Cross Site Scripting XSS issue was discovered in the "/smsa/admin login.php" endpoint, allowing remote attackers to execute arbitrary code via the error...
CVE-2024-41242
A Reflected Cross Site Scripting XSS vulnerability was found in /smsa/studentlogin.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter...
PT-2024-29320 · Unknown · Kashipara Responsive School Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Responsive School Management System version 3.2.0 Description: A Reflected Cross Site Scripting XSS issue was discovered in the /smsa/student login.php endpoint, allowing remote attackers to execute arbitrary code via the error...
CVE-2024-41241
Summary of CVE-2024-41241 : A reflected XSS vulnerability in Kashipara Responsive School Management System v3.2.0 affects the endpoint /smsa/admin_login.php , exploitable via the error parameter to execute arbitrary code in affected deployments. Public risk details vary: NVD lists a CVSS‑3.1 base...
CVE-2024-41242
CVE-2024-41242 is a Reflected Cross Site Scripting (XSS) vulnerability in Kashipara Responsive School Management System v3.2.0, occurring in /smsa/student_login.php via the error parameter. The related Red Hat and CVE records corroborate that remote attackers can inject scripts, with impact descr...
CVE-2024-41240
A Reflected Cross Site Scripting XSS vulnerability was found in " /smsa/teacherlogin.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter...
CVE-2024-41242
A Reflected Cross Site Scripting XSS vulnerability was found in /smsa/studentlogin.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter...
CVE-2024-1412
The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘message’ and 'error' parameters in all versions up to, and including, 1.11.26 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2023-46019
Cross Site Scripting XSS vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter...
CVE-2023-46019
Cross Site Scripting XSS vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter...
CVE-2023-46019
Cross Site Scripting XSS vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter...
SUSE CVE-2005-2869
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the Username to libraries/auth/cookie.auth.lib.php or 2 the error parameter to error.php...
SUSE CVE-2022-0485
A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...
GENI Portal 跨站脚本漏洞
GENI Portal is a web tool from GENI for managing geni resource reservations. A cross-site scripting vulnerability exists in GENI Portal, which stems from the fact that incorrect manipulation of the parameter error can lead to cross-site scripting...
PT-2022-9032 · Chris92De · Adminserv
Name of the Vulnerable Software and Affected Versions: Chris92de AdminServ affected versions not specified Description: A vulnerability was found in Chris92de AdminServ, rated as problematic. This issue affects some unknown processing of the file resources/core/adminserv.php. The manipulation of...
AdminServ 跨站脚本漏洞
AdminServ is a WebInterface used by Christopher F., an individual developer, to manage Trackmania Forever and ManiaPlanet dedicated servers. A cross-site scripting vulnerability exists in AdminServ that stems from cross-site scripting due to misuse of the parameter error...
UBUNTU-CVE-2022-0485
A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...
CVE-2022-30776
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter...
CVE-2022-30776
atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter...