Lucene search
K

131 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.2 views

CVE-2026-30568

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS6AI score0.00241EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.3 views

CVE-2026-30570

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00266EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28409

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0 in in the view purchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.8CVSS6AI score0.00241EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.2 views

CVE-2026-30570

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewsales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00266EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.3 views

CVE-2026-30568

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in in the viewpurchase.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00241EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30571

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewcategory.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00266EPSS
Exploits1References1
CVE
CVE
added 2026/03/27 12:0 a.m.8 views

CVE-2026-30569

CVE-2026-30569 affects SourceCodester Sales and Inventory System 1.0. The flaw is a reflected XSS in view_stock_availability.php triggered through the limit parameter, with the app failing to sanitize input. This enables an attacker to inject arbitrary script/HTML via a crafted URL. CVSSv3.1 base...

6.1CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/27 12:0 a.m.7 views

CVE-2026-30571

CVE-2026-30571 affects SourceCodester Sales and Inventory System 1.0, specifically the view_category.php file where the limit parameter is not sanitized, enabling a reflected XSS. An attacker can craft a URL to inject arbitrary web script/HTML, which would execute in a victim’s browser. The explo...

6.1CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/27 12:0 a.m.8 views

CVE-2026-30568

CVE-2026-30568 describes a reflected XSS in SourceCodester Sales and Inventory System 1.0, arising from the view_purchase.php file via the limiter parameter. The input is not properly sanitized, enabling arbitrary script/HTML injection when a crafted URL is accessed. Connected sources consistentl...

4.8CVSS6AI score0.00241EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/27 12:0 a.m.8 views

CVE-2026-30567

CVE-2026-30567 describes a reflected XSS in SourceCodester Sales and Inventory System 1.0, specifically in the view_product.php script via the input parameter “limit.” The root cause is lack of input sanitization, allowing an attacker to inject arbitrary script or HTML through a crafted URL. The ...

6.1CVSS6AI score0.00271EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.4 views

PT-2026-28410

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Inventory System 1.0. The vulnerability is located in the view stock availability.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

6AI score0.00266EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.9 views

SourceCodester Inventory System 跨站脚本漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System has a cross-site scripting vulnerability. This vulnerability stems from the improper cleanup of the limit parameter in the viewproduct.php file,...

6.1CVSS5.6AI score0.00271EPSS
Exploits1References2
CVE
CVE
added 2026/03/27 12:0 a.m.14 views

CVE-2026-30570

CVE-2026-30570 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is a Reflected Cross-Site Scripting (XSS) in view_sales.php via the limit parameter, where input is not sanitized, allowing remote attackers to inject arbitrary web scripts or HTML through a crafted URL. Conne...

6.1CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/12/22 12:30 a.m.6 views

EUVD-2025-204678

A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...

7.5CVSS6.6AI score0.00388EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/06 12:0 a.m.6 views

PT-2025-49338

The Live Sales Notification for Woocommerce – Woomotiv plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'woomotiv limit' parameter in all versions up to, and including, 3.6.3 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS5.6AI score0.00175EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-3407

Malware in sbrugna...

7.5CVSS6.4AI score0.01321EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-0506

Malware in sbrugna...

4.3CVSS6.4AI score0.0173EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-11247

Malware in sbrugna...

9.8CVSS9.5AI score0.01135EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-53492

Malicious code in bioql PyPI...

9.8CVSS8.9AI score0.01573EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-22293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAINMAXDECIMALSTOT parameter. CVE-2022-22293 Note that Nessus relies on the...

5.4CVSS5.6AI score0.00744EPSS
Exploits1References2
Rows per page
Query Builder