CVE-2023-40944

Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at \header.php...

CVE-2020-10455

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/translate.php by adding a question mark ? followed by the payload...

CVE-2020-10445

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-article.php by adding a question mark ? followed by the payload...

CVE-2020-10456

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/trash-box.php by adding a question mark ? followed by the payload...

EUVD-2003-1539

Malware in sbrugna...

EUVD-2019-10931

Malware in sbrugna...

EUVD-2020-2854

Malware in sbrugna...

EUVD-2019-10930

Malware in sbrugna...

EUVD-2008-4715

Malware in sbrugna...

EUVD-2007-4877

Malware in sbrugna...

EUVD-2020-2909

Malware in sbrugna...

EUVD-2006-4872

Malware in sbrugna...

CVE-2020-10434

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-versions.php by adding a question mark ? followed by the payload...

CVE-2009-1785

Cross-site scripting XSS vulnerability in Ulteo Open Virtual Desktop 1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter to header.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2015-4582

The TheCartPress boot-store aka Boot Store theme 1.6.4 for WordPress allows header.php tcpregistererror XSS. NOTE: CVE-2015-4582 is not assigned to any Oracle product...

PT-2025-18088 · Unknown · Thecartpress

Name of the Vulnerable Software and Affected Versions: TheCartPress boot-store versions 1.6.4 Description: The issue allows for XSS in the header.php file through the tcp register error function. It is noted that this issue is not related to any Oracle product. Recommendations: For version 1.6.4,...

WordPress plugin TheCartPress boot-store 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2015-4582

CVE-2015-4582 affects TheCartPress boot-store theme (WordPress) version 1.6.4. The flaw is a cross-site scripting (XSS) vulnerability in header.php via the tcp_register_error function. Public sources in the connected docs identify the affected software and the XSS outcome, but do not provide a co...

Cross site scripting

A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...

PT-2023-29212 · Unknown · Online Art Gallery

Name of the Vulnerable Software and Affected Versions: Online Art Gallery version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the add2 parameter of the header.php resource does not validate the characters received and they are sent...