CVE-2019-25277

FaceSentry Access Control System 6.4.8 contains a cross-site scripting vulnerability in the 'msg' parameter of pluginInstall.php that allows attackers to inject malicious scripts. Attackers can exploit the unvalidated input to execute arbitrary JavaScript in victim browsers, potentially stealing...

Code-Projects Simple Bus Reservation System 安全漏洞

Code-Projects Simple Bus Reservation System is a Code-Projects open source simple bus reservation system. A security vulnerability exists in Code-Projects Simple Bus Reservation System version 1.0, which originates from a stack-based buffer overflow due to the parameter bus operation of function...

CVE-2024-0739

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been...

Leadshop Code Issues Vulnerabilities

Leadshop is a free open source mall system that provides continuous update and iteration services, aiming to create the ultimate user experience! A code issue vulnerability exists in Hecheng Leadshop 1.4.20 and earlier versions, which stems from the parameter install in the file /web/leadshop.php...

CVE-2019-14746

A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...

Acontent CMS Cross-Site Scripting Vulnerability

AContent is an eLearning content creation tool and library that supports importing, exporting, and producing IMS content packages. A cross-site scripting vulnerability exists in the newversion parameter of the install.php page in version 1.3 of Acontent, which can be exploited by an attacker to...