29 matches found
CVE-2023-49540
Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter...
EUVD-2018-13264
Malware in sbrugna...
EUVD-2021-0541
Malware in sbrugna...
CVE-2024-46237
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting XSS via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php...
CVE-2022-34560
A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter...
CVE-2022-34560
A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter...
CVE-2022-34560
A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter...
PT-2024-11591 · Phpfox · Phpfox
Name of the Vulnerable Software and Affected Versions: PHPFox version 4.8.9 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter. Recommendations: For PHPFox version 4.8.9, consider...
CVE-2022-34560
A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter...
phpFox 安全漏洞
phpFox is a social networking platform from phpFox Inc. A security vulnerability exists in phpFox version v4.8.9. An attacker can exploit this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload with the History parameter...
CVE-2023-49540
Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter...
CVE-2023-49540
Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter...
CVE-2023-49540
Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter...
PT-2023-31251 · Unknown · Book Store Management System
Name of the Vulnerable Software and Affected Versions: Book Store Management System version 1.0 Description: A cross-site scripting XSS issue was found in the /bsms ci/index.php/history endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the...
SUSE CVE-2020-35572
Adminer through 4.7.8 allows XSS via the history parameter to the default URI...
USN-5271-1 adminer vulnerabilities
It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly use this issue to perform cross-site scripting XSS attacks. This issue only affected Ubuntu 20.04 ESM. CVE-2020-35572 Adam Crosser and Brian Sizemore discovered that...
Cross-site Scripting (XSS)
vrana/adminer is vulnerable to cross-site scripting XSS. The vulnerability exists through the history parameter in the default URI...
GHSA-M56G-3G8V-2RXW XSS in Adminer
Withdrawn: Duplicate of GHSA-9pgx-gcph-mpqr. Adminer before 4.7.9 allows XSS via the history parameter to the default URI...
vrana/adminer via XSS in the history parameter in SQL command
Impact Users of Adminer versions supporting SQL command most versions, e.g. MySQL using browsers not encoding URL parameters before sending to server likely Edge, not Chrome, not Firefox are affected. Patches Patched by 5c395afc, included in version 4.7.9. Workarounds Use browser which encodes UR...
Cross-Site Scripting (XSS)
Adminer is vulnerable to cross-site scripting. The vulnerability exists via the history parameter to the default URI...