Stored-XSS-in-Inventory-System-using-PHP-and-MySQL

Stored XSS in Inventory System using PHP and MySQL Vulnera...

CVE-2026-3766 SourceCodester Web-based Pharmacy Product Management System edit-profile.php cross site scripting

A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...

CVE-2021-47911

Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests...

CVE-2021-47911 Affiliate Pro 1.7 Reflected Cross-Site Scripting via Index Module

Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests...

CVE-2025-12312

CVE-2025-12312 affects PHPGurukul Curfew e-Pass Management System 1.0. The vulnerability is in the file view-pass-detail.php, where manipulating the Fullname/Category argument leads to cross-site scripting. The issue can be exploited remotely; multiple sources note that an exploit has been publis...