Chat System update_room.php File SQL Injection Vulnerability

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that originates from insufficient input validation of the id/name/password parameters in the /admin/updateroom.php file. An attacker can use this vulnerability to execute arbitrary SQL commands to obtain sensitiv...

PT-2024-16729 · Unknown · Codezips Hospital Appointment System

Name of the Vulnerable Software and Affected Versions: Codezips Hospital Appointment System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /removeBranchResult.php. The manipulation of the ID/Name argument leads to sql...

CVE-2023-7123 SourceCodester Medicine Tracking System sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0. This issue affects some unknown processing of the file /classes/Master.php? f=savemedicine. The manipulation of the argument id/name/description leads to sql injection. The attack may...

CVE-2023-37190

A stored cross-site scripting XSS vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature...

CVE-2023-37190

A stored cross-site scripting XSS vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature...

CVE-2023-37190

A stored cross-site scripting XSS vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature...

The vulnerability of the get_ctl_id_hash() function in the audio subsystem of Linux operating systems allows a hacker to increase their privileges or cause service failures.

The vulnerability of the getctlidhash function in the audio subsystem of Linux operating systems is related to reading data beyond the buffer boundaries in memory when processing the parameter id-name. Exploiting this vulnerability can allow an attacker to enhance their privileges or cause system...

Digium Asterisk Open Source and Certified Asterisk Arbitrary Command Execution Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. There are security vulnerabilities in Asteris...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Red Hat JBoss Web Framework Kit 2.5.0 allow remote attackers to inject arbitrary web script or HTML via a 1 parameter or 2 id name...

Seam: XSS flaw in remoting

Multiple cross-site scripting XSS vulnerabilities in Red Hat JBoss Web Framework Kit 2.5.0 allow remote attackers to inject arbitrary web script or HTML via a 1 parameter or 2 id name...