CVE-2026-11520 SourceCodester Inventory System header.php cross site scripting

A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and...

CVE-2026-11520

Summary: CVE-2026-11520 affects SourceCodester Inventory System 1.0, with the vulnerability in the header.php file enabling cross-site scripting. The issue can be triggered remotely and multiple parameters may be affected. Public exploit material exists. The connected records confirm the vulnerab...

SourceCodester Inventory System 跨站脚本漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System has a cross-site scripting vulnerability. This vulnerability stems from operations in the file header.php, which may lead to cross-site scripting...

CVE-2023-40944

Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at \header.php...

CVE-2020-10455

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/translate.php by adding a question mark ? followed by the payload...

CVE-2020-10445

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-article.php by adding a question mark ? followed by the payload...

CVE-2020-10456

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/trash-box.php by adding a question mark ? followed by the payload...

EUVD-2006-4872

Malware in sbrugna...

EUVD-2019-10930

Malware in sbrugna...

EUVD-2003-1539

Malware in sbrugna...

EUVD-2019-10931

Malware in sbrugna...

EUVD-2020-2909

Malware in sbrugna...

EUVD-2020-2854

Malware in sbrugna...

EUVD-2007-4877

Malware in sbrugna...

EUVD-2008-4715

Malware in sbrugna...

CVE-2020-10434

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-versions.php by adding a question mark ? followed by the payload...

CVE-2009-1785

Cross-site scripting XSS vulnerability in Ulteo Open Virtual Desktop 1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter to header.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

WordPress plugin TheCartPress boot-store 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-18088 · Unknown · Thecartpress

Name of the Vulnerable Software and Affected Versions: TheCartPress boot-store versions 1.6.4 Description: The issue allows for XSS in the header.php file through the tcp register error function. It is noted that this issue is not related to any Oracle product. Recommendations: For version 1.6.4,...

CVE-2015-4582

The TheCartPress boot-store aka Boot Store theme 1.6.4 for WordPress allows header.php tcpregistererror XSS. NOTE: CVE-2015-4582 is not assigned to any Oracle product...