EUVD-2005-2880

Malware in sbrugna...

EUVD-2005-2882

Malware in sbrugna...

Cups Easy cross-site scripting vulnerability (CNVD-2024-13796)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the locationid parameter of...

CVE-2024-23895

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/locationcreate.php, in the locationid parameter. Exploitation of this vulnerabilit...

CVE-2024-23895 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/locationcreate.php, in the locationid parameter. Exploitation of this vulnerabilit...

CVE-2006-2797

Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to execute arbitrary SQL commands via the 1 CalendarDetailsID parameter in a month.php, b day.php, and c delCalendar.php; 2 ID parameter in d event.php; 3 AdminUserID parameter in e delAdmin.php; 4...

Sql injection

Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to execute arbitrary SQL commands via the 1 CalendarDetailsID parameter in a month.php, b day.php, and c delCalendar.php; 2 ID parameter in d event.php; 3 AdminUserID parameter in e delAdmin.php; 4...

CVE-2005-2882

Multiple cross-site scripting XSS vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the LocationID parameter to 1 thankyou.php or 2 day.php, font parameter to 3 calDaily.php, 4 calMonthly.php, 5...