Lucene search
K

96 matches found

OSV
OSV
added 2022/04/25 3:15 p.m.4 views

CVE-2022-28094

SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the fid parameter at booking.php...

6.1CVSS6.3AI score0.00663EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/04/25 3:15 p.m.2 views

CVE-2022-28094

SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the fid parameter at booking.php...

6.1CVSS5.8AI score0.00663EPSS
Exploits1References4
CVE
CVE
added 2022/04/25 1:9 p.m.74 views

CVE-2022-28094

SCBS Online Sports Venue Reservation System v1.0 is affected by a cross-site scripting (XSS) vulnerability via the fid parameter in booking.php. Root cause is unvalidated input leading to script execution. The CVE entry documents this issue; exploitation details, affected versions beyond v1.0, an...

6.1CVSS6AI score0.00663EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/04/25 1:9 p.m.25 views

CVE-2022-28094

SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the fid parameter at booking.php...

6.2AI score0.00663EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/04/25 12:0 a.m.5 views

Online Sports Complex Booking System 跨站脚本漏洞

Online Sports Complex Booking System is an online sports complex booking system by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in version v1.0 of the Online Sports Complex Booking System, which was discovered to contain a cross-site scripting XSS...

6.1CVSS5.9AI score0.00663EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2020/09/29 12:0 a.m.4 views

The vulnerability of the “fid” parameter in the Online-Exam-System software allows a violator to execute arbitrary SQL queries.

The vulnerability of the “fid” parameter in the Online-Exam-System software involves a lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...

10CVSS6AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/06/28 12:0 a.m.3 views

Naviwebs Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-35976)

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. A cross-site scripting vulnerability exists in the query parameter 'fid' in the navigation.php file in Naviwebs Navigate CMS version 2.9 r1433. The vulnerability stems from the WEB...

5.4CVSS6.4AI score0.00649EPSS
Exploits1References1
OSV
OSV
added 2020/06/24 3:15 p.m.5 views

CVE-2020-14014

An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS...

5.4CVSS6.1AI score0.00649EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.23 views

School ERP Pro+Responsive 1.0 - 'fid' SQL Injection

Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...

7.4AI score
Exploits0
CNVD
CNVD
added 2018/09/25 12:0 a.m.21 views

Navigate CMS Cross-Site Scripting Vulnerability

Navigate CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in the 'fid' parameter of the navigate.php file in Navigate CMS version 2.8, which can be exploited by remote attackers to inject arbitrary web script or HTML...

6.1AI score
Exploits4References1
Exploit DB
Exploit DB
added 2018/09/24 12:0 a.m.45 views

Navigate CMS 2.8 - Cross-Site Scripting

Title: Navigate CMS 2.8 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-09-19 Vendor: https://www.navigatecms.com/en/home Software: Navigate CMS 2.8 CVE: CVE-2018-17255 Technical Details & Description: A Reflected Cross-Site Scripting web vulnerability has been discovered in the...

6.4AI score
Exploits4
CNVD
CNVD
added 2017/12/29 12:0 a.m.1 views

PHP Scripts Mall PHP Multivendor Ecommerce Cross-Site Scripting Vulnerability (CNVD-2018-00088)

PHP Multivendor Ecommerce is a shopping cart software from PHP Scripts Mall built on the PHP platform that allows sellers to easily customize and sell their products. A cross-site scripting vulnerability exists in PHP Scripts Mall PHP Multivendor Ecommerce. The vulnerability can be exploited to...

6.1CVSS6.4AI score0.00688EPSS
Exploits1References1
Prion
Prion
added 2017/12/28 6:29 p.m.14 views

Sql injection

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the mywishlist.php fid parameter...

7.5CVSS9.9AI score0.01171EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/12/28 6:0 p.m.21 views

CVE-2017-17958

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the mywishlist.php fid parameter...

6.1AI score0.00688EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/12/28 6:0 p.m.20 views

CVE-2017-17957

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the mywishlist.php fid parameter...

10AI score0.01171EPSS
Exploits1References1
CNVD
CNVD
added 2017/12/15 12:0 a.m.3 views

FS Linkedin Clone SQL Injection Vulnerability

FS Linkedin Clone is a set of PHP and MySQL based scripts for job search and recruitment websites. A SQL injection vulnerability exists in FS Linkedin Clone version 1.0. A remote attacker can exploit this vulnerability by sending the 'grid' parameter to the group.php file, the 'fid' parameter to...

9.8CVSS8AI score0.02978EPSS
Exploits1References1
OSV
OSV
added 2017/12/13 9:29 a.m.4 views

CVE-2017-17580

FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or companydetails.php id parameter...

9.8CVSS5.8AI score0.02978EPSS
Exploits1References2
Cvelist
Cvelist
added 2017/12/13 9:0 a.m.24 views

CVE-2017-17580

FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or companydetails.php id parameter...

10AI score0.02978EPSS
Exploits1References2
CNVD
CNVD
added 2017/05/29 12:0 a.m.2 views

SQL Injection Vulnerability in Lazy WorkPass OA Web Intelligent Office System

Lazy work pass OA network intelligent office system is suitable for enterprises and institutions of the general network office software, the system uses B / S operation mode, free version for small and medium-sized enterprises. There is a SQL injection vulnerability in the OA Network Intelligent...

7.6AI score
Exploits0
NVD
NVD
added 2014/07/01 2:55 p.m.13 views

CVE-2014-4584

Cross-site scripting XSS vulnerability in admin/editFacility.php in the wp-easybooking plugin 1.0.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the fID parameter...

4.3CVSS5.8AI score0.01629EPSS
Exploits1References1
Rows per page
Query Builder