30 matches found
EUVD-2007-2500
Malware in sbrugna...
EUVD-2022-32584
Malicious code in bioql PyPI...
CVE-2022-28099
Poultry Farm Management System v1.0 was discovered to contain a SQL injection vulnerability via the Item parameter at /farm/store.php...
CVE-2024-29390
Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done...
PHPGurukul Daily Expenses Management System Security Vulnerability
PHPGurukul Daily Expenses Management System is a daily expenses management system from PHPGurukul, Inc. A security vulnerability exists in PHPGurukul Daily Expenses Management System version 1.0, which is caused by a time-based SQL injection vulnerability in the add-expense.php page, which can be...
CVE-2024-4455
The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘item’ parameter in versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...
VulnCheck KEV: CVE-2024-4455
The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the item parameter in versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...
Simple Inventory System SQL Injection Vulnerability
Simple Inventory System is a simple inventory system by the individual developer argie. SourceCodester Simple Inventory System version 1.0 suffers from a SQL injection vulnerability that stems from the parameter ITEM in the file updateproduct.php that can lead to SQL injection...
PT-2024-34491 · Sourcecodester · Sourcecodester Simple Inventory System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Inventory System version 1.0. Description: A critical issue has been found in the updateproduct.php file, where the manipulation of the ITEM argument leads to SQL injection. This issue can be exploited remotely. The explo...
PT-2024-16176 · Unknown · Codeastro Expense Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Expense Management System version 1.0. Description: A vulnerability was found in the CodeAstro Expense Management System, affecting the file templates/5-Add-Expenses.php of the component Add Expenses Page. The manipulation of the ite...
Expense Management System Cross-Site Scripting Vulnerability
Expense Management System is an expense management system. A cross-site scripting vulnerability exists in Expense Management System version 1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the parameter item of templates/5-Add-Expenses.php in the compone...
Inventory Management System Cross-Site Scripting Vulnerability
Inventory Management System is an inventory management system. A cross-site scripting vulnerability exists in Inventory Management System version 1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the parameter newitem in the component New Item Creation...
CVE-2023-6769
Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the "lpadmin.php" file in the "question" and "item" parameters. This vulnerability could lead to malicious JavaScript execution...
PT-2023-32770 · Unknown · Amazing Little Poll
Name of the Vulnerable Software and Affected Versions: Amazing Little Poll versions 1.3 through 1.4. Description: The issue is a Stored XSS vulnerability that allows a remote attacker to store a malicious JavaScript payload in the "lpadmin.php" file using the question and item parameters. This...
Lost and Found Information System SQL Injection Vulnerability
Lost and Found Information System is a lost and found information system by the individual developer oretnom23. A SQL injection vulnerability exists in SourceCodester Lost and Found Information System version 1.0, which stems from a problem in the file admin/?page=items/manageitem of the component GE...
SQL injection
Poultry Farm Management System v1.0 was discovered to contain a SQL injection vulnerability via the Item parameter at /farm/store.php...
CVE-2022-28099
Poultry Farm Management System v1.0 contains a SQL injection vulnerability in the Item parameter of /farm/store.php. The issue is documented across multiple feeds, with CVSS metrics indicating a high impact (C/H/I/A) per CVSS 3.1 (8.8) and medium to high severity in CVSS 2.0 (6.5). The root cause...
CVE-2021-26304
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter...