317 matches found
CVE-2015-4582
CVE-2015-4582 affects TheCartPress boot-store theme (WordPress) version 1.6.4. The flaw is a cross-site scripting (XSS) vulnerability in header.php via the tcp_register_error function. Public sources in the connected docs identify the affected software and the XSS outcome, but do not provide a co...
Cross site scripting
A Cross Site Scripting XSS vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...
PT-2023-29212 · Unknown · Online Art Gallery
Name of the Vulnerable Software and Affected Versions: Online Art Gallery version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the add2 parameter of the header.php resource does not validate the characters received and they are sent...
CVE-2023-40944
Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at \header.php...
Sql injection
Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at \header.php...
CVE-2023-40944
Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at \header.php...
CVE-2023-40944
Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at \header.php...
Cross-site Scripting (XSS)
phpmyfaq is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the special characters before it output to the front end in header.php, which allows an attacker to inject and execute malicious JavaScript...
Cross-site Scripting (XSS)
wordpress is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the addLoadEvent function in admin-header.php where an attacker is able to inject malicious script via global variables and get it executed when a user visits the page...
CVE-2020-25092
CVE-2020-25092 affects Ecommerce-CodeIgniter-Bootstrap. The vulnerability is an XSS issue located in _parts/header.php and in the templates at application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel. The public records indicate thi...
CVE-2020-10449
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-search.php by adding a question mark ? followed by the payload...
CVE-2020-10446
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-category.php by adding a question mark ? followed by the payload...
CVE-2020-10445
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-article.php by adding a question mark ? followed by the payload...
CVE-2020-10453
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/search-users.php by adding a question mark ? followed by the payload...
CVE-2020-10448
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-referrers.php by adding a question mark ? followed by the payload...
CVE-2020-10437
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/optimize-database.php by adding a question mark ? followed by the payload...
CVE-2020-10436
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/my-profile.php by adding a question mark ? followed by the payload...
CVE-2020-10442
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/report-article-popular.php by adding a question mark ? followed by the payload...
CVE-2020-10431
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-templates.php by adding a question mark ? followed by the payload...
CVE-2020-10432
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-tickets.php by adding a question mark ? followed by the payload...