Lucene search

1444 matches found

Cvelist
added 2023/03/12 7:31 a.m. · 11 views

CVE-2023-1358 SourceCodester Gadget Works Online Ordering System POST Parameter login.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Gadget Works Online Ordering System 1.0. This affects an unknown part of the file /philosophy/admin/login.php of the component POST Parameter Handler. The manipulation of the argument useremail leads to sql injection. ...

CVSS 6.5 · AI score 10 · EPSS 0.00297
Exploits: 1 · References: 3

Cvelist
added 2023/03/11 5:41 p.m. · 14 views

CVE-2023-1352 SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System login.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. This issue affects some unknown processing of the file /admin/login.php. The manipulation of the argument txtusername/txtpassword leads to...

CVSS 5.6 · AI score 8.6 · EPSS 0.00355
Exploits: 1 · References: 3

Cvelist
added 2023/03/09 2:39 p.m. · 13 views

CVE-2023-1294 SourceCodester File Tracker Manager System POST Parameter login.php sql injection

A vulnerability was found in SourceCodester File Tracker Manager System 1.0. It has been classified as critical. Affected is an unknown function of the file /filemanager/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. It is...

CVSS 7.5 · AI score 10 · EPSS 0.00875
Exploits: 1 · References: 3

NVD
added 2023/03/07 3:15 p.m. · 11 views

CVE-2023-1253

A vulnerability, which was classified as critical, was found in SourceCodester Health Center Patient Record Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely...

CVSS 9.8 · AI score 8.1 · EPSS 0.00305
Exploits: 1 · References: 3

Prion
added 2023/03/07 3:15 p.m. · 24 views

Sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Health Center Patient Record Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely...

CVSS 7.5 · AI score 9.7 · EPSS 0.00305
Exploits: 1 · References: 3 · Affected Software: 1

Cvelist
added 2023/03/07 2:54 p.m. · 13 views

CVE-2023-1253 SourceCodester Health Center Patient Record Management System login.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Health Center Patient Record Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely...

CVSS 7.5 · AI score 10 · EPSS 0.00305
Exploits: 1 · References: 3

Prion
added 2023/02/28 12:15 a.m. · 11 views

Sql injection

A vulnerability, which was classified as critical, was found in OpenCycleCompass server-php. Affected is an unknown function of the file api1/login.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. This product is using a rolling...

CVSS 7.5 · AI score 8 · EPSS 0.00299
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2023/02/27 12:15 p.m. · 2 views

CVE-2023-1057

A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been rated as critical. Affected by this issue is the function edoc of the file login.php. The manipulation of the argument usermail leads to sql injection. VDB-221822 is the identifier assigned to this vulnerabili...

CVSS 8.8 · AI score 6.3
Exploits: 0 · References: 3

Prion
added 2023/02/26 12:15 p.m. · 17 views

Sql injection

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /APR/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql...

CVSS 7.5 · AI score 9.7 · EPSS 0.00355
Exploits: 1 · References: 3 · Affected Software: 1

NVD
added 2023/02/22 10:15 p.m. · 14 views

CVE-2022-45599

Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given account's hashed password...

CVSS 9.8 · AI score 9.6 · EPSS 0.01298
Exploits: 1 · References: 1

Prion
added 2023/02/22 10:15 p.m. · 18 views

Design/Logic Flaw

Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given account's hashed password...

CVSS 7.5 · AI score 9.5 · EPSS 0.01298
Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2023/02/19 8:12 a.m. · 11 views

CVE-2023-0917 SourceCodester Simple Customer Relationship Management System login.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Simple Customer Relationship Management System 1.0. This affects an unknown part of the file /php-scrm/login.php. The manipulation of the argument Password leads to sql injection. It is possible to initiate the attack...

CVSS 7.5 · AI score 10 · EPSS 0.00308
Exploits: 1 · References: 3

NVD
added 2023/02/17 2:15 p.m. · 12 views

CVE-2022-40032

SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information...

CVSS 9.8 · AI score 10 · EPSS 0.64022
Exploits: 5 · References: 4

CNVD
added 2023/02/08 12:0 a.m. · 14 views

Online Food Ordering System login.php Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Online Food Ordering System, an online food ordering system. The vulnerability is caused by a lack of effective filtering and escaping of user-supplied data in the redirect parameter of the login.php page, which can be exploited by attackers to cause...

CVSS 6.1 · AI score 2.7 · EPSS 0.00234
Exploits: 1 · References: 1

NVD
added 2023/02/06 3:15 p.m. · 10 views

CVE-2023-24192

Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php...

CVSS 6.1 · AI score 6 · EPSS 0.00234
Exploits: 1 · References: 2

Prion
added 2023/02/06 3:15 p.m. · 10 views

Cross site scripting

Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php...

CVSS 5.8 · AI score 6 · EPSS 0.00234
Exploits: 1 · References: 2 · Affected Software: 1

Cvelist
added 2023/02/06 12:0 a.m. · 15 views

CVE-2023-24192

Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php...

AI score 6.2 · EPSS 0.00234
Exploits: 1 · References: 2

Positive Technologies
added 2023/02/06 12:0 a.m. · 3 views

PT-2023-19468 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version v2. Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability is present in the redirect parameter in the login.php file. Cross-site scripting (XSS) is a type of securit...

CVSS 6.1 · AI score 6.1 · EPSS 0.00234
Exploits: 1 · References: 5

Positive Technologies
added 2023/01/19 12:0 a.m. · 4 views

PT-2023-15095 · Nexusphp · Nexusphp

Name of the Vulnerable Software and Affected Versions: NexusPHP versions prior to 1.7.33. Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to reflective cross-site scripting (XSS) attacks. This can be achieved by injecting malicious input int...

CVSS 6.1 · AI score 6.2 · EPSS 0.15097
Exploits: 1 · References: 6

CNNVD
added 2023/01/19 12:0 a.m. · 2 views

NexusPHP Cross-Site Scripting Vulnerability

NexusPHP is a free and open source complete PT website building solution. Versions prior to NexusPHP 1.7.33 contain a security vulnerability that could allow remote attackers to inject arbitrary web scripts or HTML via secret parameters in /login.php...

CVSS 6.1 · AI score 6.5 · EPSS 0.15097
Exploits: 1 · References: 3