15 matches found
CVE-2026-11337
A vulnerability was found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected by this vulnerability is an unknown functionality of the file /dashboardpage/forms/fetch.php. The manipulation of the argument...
CVE-2026-11337 tittuvarghese CollegeManagementSystem fetch.php cross site scripting
A vulnerability was found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected by this vulnerability is an unknown functionality of the file /dashboardpage/forms/fetch.php. The manipulation of the argument...
CVE-2026-11337
A vulnerability was found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected by this vulnerability is an unknown functionality of the file /dashboardpage/forms/fetch.php. The manipulation of the argument...
CVE-2026-11337
The CVE-2026-11337 entry concerns tittuvarghese CollegeManagementSystem and affects an unknown functionality in /dashboard_page/forms/fetch.php where manipulating the department_name argument triggers cross-site scripting. The description indicates remote exploitation and that an exploit has been...
CVE-2026-11334
A vulnerability was detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. This affects an unknown function of the file dashboardpage/forms/fetch.php. Performing a manipulation of the argument departmentcode results in...
CVE-2026-11334
The CVE-2026-11334 entry concerns tittuvarghese CollegeManagementSystem (dashboard_page/forms/fetch.php) where manipulating the department_code argument leads to SQL injection. A remote attacker can exploit this with no authentication required; exploit maturity is described as PoC. The vulnerabil...
EUVD-2006-5084
Malware in sbrugna...
DokuWiki fetch.php SSRF vulnerability
Author: baolongniucow protection Dragon About DokuWiki DokuWiki is an open source wiki engine program, running on PHP environment. DokuWiki program small but powerful, flexible, suitable for small teams and personal web site Knowledge Base management. Vulnerability description DokuWiki latest...
GLSA-200704-08 : DokuWiki: XSS vulnerability
The remote host is affected by the vulnerability described in GLSA-200704-08 DokuWiki: XSS vulnerability DokuWiki does not sanitize user input to the GET variable 'media' in the fetch.php file. Impact : An attacker could entice a user to click a specially crafted link and inject CRLF characters...
DokuWiki: Cross-site scripting vulnerability
Background DokuWiki is a simple to use wiki aimed at creating documentation. Description DokuWiki does not sanitize user input to the GET variable 'media' in the fetch.php file. Impact An attacker could entice a user to click a specially crafted link and inject CRLF characters into the variable...
CVE-2006-6965
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks...
DEBIAN-CVE-2006-5099
lib/exec/fetch.php in DokuWiki before 2006-03-09e, when confimconvert is configured to use ImageMagick, allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 w and 2 h parameters, which are not filtered when invoking convert...
CVE-2006-5098
lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote attackers to cause a denial of service CPU consumption via large w and h parameters, when resizing an image...
CVE-2006-5098
lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote attackers to cause a denial of service CPU consumption via large w and h parameters, when resizing an image...
DokuWiki fetch.php Multiple Parameter imconvert Function Arbitrary Command Execution
The remote host is running DokuWiki, an open source wiki application written in PHP. The installed version of DokuWiki fails to properly sanitize input to the 'w' and 'h' parameters of the 'lib/exe/fetch.php' script before using it to execute a command when resizing images. An unauthenticated...