192 matches found

CVE
added 2024/05/01 12:0 a.m. · 68 views

CVE-2023-23022

CVE-2023-23022 is an XSS vulnerability in sourcecodester Oretnom23 Employee's Payroll Management System 1.0. The flaw resides in Main.php and allows crafting input in the fields code, title, from_date, and to_date to trigger arbitrary code execution via the web interface. The issue is confirmed a...

6.1 CVSS · 6.4 AI score · 0.00216 EPSS
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2024/05/01 12:0 a.m. · 10 views

CVE-2023-23022

Cross site scripting XSS vulnerability in sourcecodester oretnom23 employee's payroll management system 1.0, allows attackers to execute arbitrary code via the code, title, fromdate and todate inputs in file Main.php...

6.4 AI score · 0.00216 EPSS
Exploits 1 · References 1
Cvelist
added 2024/05/01 12:0 a.m. · 9 views

CVE-2023-23022

Cross site scripting XSS vulnerability in sourcecodester oretnom23 employee's payroll management system 1.0, allows attackers to execute arbitrary code via the code, title, fromdate and todate inputs in file Main.php...

6.4 AI score · 0.00216 EPSS
Exploits 1 · References 1
Vulnrichment
added 2024/05/01 12:0 a.m. · 8 views

CVE-2023-23019

Cross site scripting XSS vulnerability in file main.php in sourcecodester oretnom23 Blog Site 1.0 via the name and email parameters to function useradd....

5.9 AI score · 0.0021 EPSS
Exploits 0 · References 1
CVE
added 2024/05/01 12:0 a.m. · 49 views

CVE-2023-23021

CVE-2023-23021 describes a Cross Site Scripting (XSS) vulnerability in the sourcecodester Oretnom23 POS Point of Sale System v1.0. The issue arises from unsafely handling user-supplied input in the file Main.php through the fields code, name, and description, enabling an attacker to inject arb...

6.1 CVSS · 6.5 AI score · 0.00216 EPSS
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2024/05/01 12:0 a.m. · 11 views

CVE-2023-23021

Cross Site Scripting XSS vulnerability in sourcecodester oretnom23 pos point sale system 1.0, allows attackers to execute arbitrary code via the code, name, and description inputs in file Main.php...

6.4 AI score · 0.00216 EPSS
Exploits 1 · References 1
Positive Technologies
added 2024/05/01 12:0 a.m. · 2 views

PT-2024-11983 · Unknown · Sourcecodester Oretnom23 Employee's Payroll Management System

Name of the Vulnerable Software and Affected Versions: sourcecodester oretnom23 employee's payroll management system version 1.0 Description: The issue allows attackers to execute arbitrary code via the code, title, from date, and to date inputs in the file Main.php. This is a Cross Site Scriptin...

6.1 CVSS · 7 AI score · 0.00216 EPSS
Exploits 1 · References 5
Cvelist
added 2024/05/01 12:0 a.m. · 11 views

CVE-2023-23019

Cross site scripting XSS vulnerability in file main.php in sourcecodester oretnom23 Blog Site 1.0 via the name and email parameters to function useradd....

5.8 AI score · 0.0021 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/04/25 12:0 a.m. · 2 views

PT-2024-22953 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross Site Scripting issue allows a local attacker to execute arbitrary code by sending a crafted payload to the "stepselect main.php" component. Recommendations: For DedeCMS version 5.7, at the moment, ther...

5.3 CVSS · 7.2 AI score · 0.00036 EPSS
Exploits 0 · References 3
NVD
added 2023/01/15 6:15 p.m. · 8 views

CVE-2015-10051

A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function displayallreplies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The patch is identified as...

9.8 CVSS · 6.9 AI score · 0.00297 EPSS
Exploits 0 · References 3
Prion
added 2023/01/15 6:15 p.m. · 9 views

Sql injection

A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function displayallreplies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The patch is identified as...

7.5 CVSS · 7.8 AI score · 0.00297 EPSS
Exploits 0 · References 3 · Affected Software 1
Cvelist
added 2023/01/15 5:58 p.m. · 12 views

CVE-2015-10051 bony2023 Discussion-Board main.php display_all_replies sql injection

A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function displayallreplies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The patch is identified as...

5.5 CVSS · 9.9 AI score · 0.00297 EPSS
Exploits 0 · References 3
OSV
added 2022/11/08 1:15 a.m. · 18 views

CVE-2022-41434

EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /lilac/main.php...

6.1 CVSS · 6.1 AI score
Exploits 0 · References 1
Prion
added 2022/11/08 1:15 a.m. · 18 views

Cross site scripting

EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /lilac/main.php...

5.8 CVSS · 6 AI score · 0.00247 EPSS
Exploits 0 · References 1 · Affected Software 1
CVE
added 2022/11/08 12:0 a.m. · 57 views

CVE-2022-41434

CVE-2022-41434 affects EyesOfNetwork Web Interface version 5.3. The vulnerability is a reflected XSS in the /lilac/main.php endpoint. The CVSS vector from multiple sources indicates a NETWORK attack vector with no privileges required but user interaction needed, and impact on confidentiality/ int...

6.1 CVSS · 6 AI score · 0.00247 EPSS
Exploits 0 · References 1 · Affected Software 1
NVD
added 2022/07/29 11:15 p.m. · 17 views

CVE-2022-34531

DedeCMS v5.7.95 was discovered to contain a remote code execution RCE vulnerability via the component mytag main.php...

9.8 CVSS · 0.13892 EPSS
Exploits 1 · References 1
CNVD
added 2022/06/16 12:0 a.m. · 17 views

Brandbugle SQL Injection Vulnerability

Brandbugle is an e-commerce application from Brandbugle India. Brandbugle is vulnerable to SQL injection, which can be exploited by attackers to cause sql injection issues via /main.php...

8.8 CVSS · 4.8 AI score · 0.00212 EPSS
Exploits 0 · References 1
NVD
added 2022/06/07 6:15 p.m. · 7 views

CVE-2020-36536

A vulnerability was found in Brandbugle. It has been rated as critical. Affected by this issue is some unknown functionality of the file /main.php. The manipulation leads to sql injection. The attack may be launched remotely...

8.8 CVSS · 0.00212 EPSS
Exploits 0 · References 1
Prion
added 2022/06/07 6:15 p.m. · 12 views

Sql injection

A vulnerability was found in Brandbugle. It has been rated as critical. Affected by this issue is some unknown functionality of the file /main.php. The manipulation leads to sql injection. The attack may be launched remotely...

6.5 CVSS · 8.8 AI score · 0.00212 EPSS
Exploits 0 · References 1
Vulnrichment
added 2022/06/03 7:10 p.m. · 3 views

CVE-2020-36536 Brandbugle main.php sql injection

A vulnerability was found in Brandbugle. It has been rated as critical. Affected by this issue is some unknown functionality of the file /main.php. The manipulation leads to sql injection. The attack may be launched remotely...

6.3 CVSS · 9 AI score · 0.00212 EPSS
Exploits 0 · References 1