
9 matches found

CNVD
added 2024/12/30 12:0 a.m. · 2 views

Chat System update_room.php File SQL Injection Vulnerability

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that originates from insufficient input validation of the id/name/password parameters in the /admin/updateroom.php file. An attacker can use this vulnerability to execute arbitrary SQL commands to obtain sensitiv...

CVSS 7.5 · AI score 8.3 · EPSS 0.00057
Exploits: 0 · References: 1

Positive Technologies
added 2024/11/10 12:0 a.m. · 2 views

PT-2024-16729 · Unknown · Codezips Hospital Appointment System

Name of the Vulnerable Software and Affected Versions: Codezips Hospital Appointment System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /removeBranchResult.php. The manipulation of the ID/Name argument leads to sql...

CVSS 9.8 · AI score 7.7 · EPSS 0.00097
Exploits: 1 · References: 11

Cvelist
added 2023/12/27 11:31 p.m. · 18 views

CVE-2023-7123 SourceCodester Medicine Tracking System sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0. This issue affects some unknown processing of the file /classes/Master.php? f=savemedicine. The manipulation of the argument id/name/description leads to sql injection. The attack may...

CVSS 6.5 · AI score 10 · EPSS 0.00048
Exploits: 1 · References: 3

OSV
added 2023/07/11 2:15 a.m. · 0 views

CVE-2023-37190

A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature...

CVSS 4.8 · AI score 5.9 · EPSS 0.00123
Exploits: 1 · References: 2

ATTACKERKB
added 2023/07/11 2:15 a.m. · 1 views

CVE-2023-37190

A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature...

CVSS 4.8 · AI score 5.9 · EPSS 0.00123
Exploits: 1 · References: 3

Cvelist
added 2023/07/11 12:0 a.m. · 11 views

CVE-2023-37190

A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature...

AI score 5.2 · EPSS 0.00123
Exploits: 1 · References: 2

CNVD
added 2017/09/01 12:0 a.m. · 1 views

Digium Asterisk Open Source and Certified Asterisk Arbitrary Command Execution Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange (PBX) system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response (IVR). There are security vulnerabilities in Asteris...

CVSS 9.8 · AI score 9.5 · EPSS 0.33558
Exploits: 0 · References: 1

Prion
added 2014/05/05 5:6 p.m. · 14 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Web Framework Kit 2.5.0 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter or (2) id name...

CVSS 4.3 · AI score 6 · EPSS 0.00263
Exploits: 0 · References: 2 · Affected Software: 1

RedHat Linux
added 2014/05/01 7:43 p.m. · 1 views

Seam: XSS flaw in remoting

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Web Framework Kit 2.5.0 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter or (2) id name...

CVSS 4.3 · AI score 5.8 · EPSS 0.00263
Exploits: 0 · References: 4