CVE-2026-5542

A vulnerability was determined in code-projects Simple Laundry System 1.0. Impacted is an unknown function of the file /modstaffinfo.php of the component Parameter Handler. Executing a manipulation of the argument userid can lead to cross site scripting. The attack may be launched remotely. The...

CVE-2026-1598

A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting. It i...

EUVD-2026-4956

A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting. It i...

CVE-2026-1598 Bdtask Bhojon All-In-One Restaurant Management System User Information profile cross site scripting

A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting. It i...

CVE-2026-1598 Bdtask Bhojon All-In-One Restaurant Management System User Information profile cross site scripting

A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting. It i...

PT-2026-5310

A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting. It i...

CVE-2025-12223

A vulnerability was detected in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public...

CVE-2025-12223

A vulnerability was detected in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public...

EUVD-2025-36076

A vulnerability was detected in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public...

CVE-2025-12223

The vulnerability CVE-2025-12223 affects Bdtask Flight Booking Software up to version 3.1, specifically the Package Information Module’s /b2c/package-information file. It enables unrestricted remote file uploads due to an upload restriction flaw, with exploitation reported as public. Multiple sou...

CVE-2025-12223 Bdtask Flight Booking Software Package Information package-information unrestricted upload

A vulnerability was detected in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public...

CVE-2025-12223 Bdtask Flight Booking Software Package Information package-information unrestricted upload

A vulnerability was detected in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public...

PT-2025-43877

Name of the Vulnerable Software and Affected Versions Bdtask Flight Booking Software versions prior to 3.2 Description A flaw exists in Bdtask Flight Booking Software that allows for unrestricted file uploads. This issue affects the Package Information Module, specifically within the...

EUVD-2008-5471

Malware in sbrugna...

CVE-2024-38347

CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Room Information module via the id parameter...

CVE-2024-54999

MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the lastname parameter the General Information module...

CVE-2024-54999

MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the lastname parameter the General Information module...

CVE-2024-54999

MonicaHQ v4.1.2 is affected by a Client-Side Injection vulnerability in the General Information module, exploitable via the last_name parameter. The CVE documents indicate low impact to confidentiality and integrity (C:L, I:L) with no availability impact, and no patch/version fix is specified. A ...

MonicaHQ 安全漏洞

MonicaHQ is a relationship management system from MonicaHQ, Inc. A security vulnerability exists in MonicaHQ version v4.1.2, which stems from the presence of client-side injection initiated via the lastname parameter in the General Information module...

PT-2025-3089 · Monicahq · Monicahq

Name of the Vulnerable Software and Affected Versions: MonicaHQ version 4.1.2 Description: The issue is a Client-Side Injection vulnerability via the last name parameter in the General Information module. This vulnerability can be exploited. Recommendations: For MonicaHQ version 4.1.2, as a...