Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the firstname and lastname inputs when processed by editUser.tpl.php. An attacker can inject arbitrary HTML content by submitting crafted input, which is rendered when other users view the affected profile,...

PT-2024-15621 · Unknown · Code-Projects Simple Online Hotel Reservation System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Online Hotel Reservation System version 1.0 Description: A vulnerability has been found in the code-projects Simple Online Hotel Reservation System, affecting the file add reserve.php of the Make a Reservation Page...

PT-2023-32878 · Unknown · Code-Projects E-Commerce Website

Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Website version 1.0 Description: A problematic vulnerability has been found in the code-projects E-Commerce Website, affecting an unknown part of the file user signup.php. The manipulation of the firstname argument wi...

GHSA-CV24-VH45-4HJM Foxlor cross-site scripting (XSS) vulnerability

Multiple cross-site scripting XSS vulnerabilities in the Customer Add module of Foxlor v0.10.16 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the name, firstname, or username input fields...