15 matches found
CVE-2023-53985
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in...
CVE-2023-53985 Zstore 6.5.4 - Reflected Cross-Site Scripting (XSS)
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in...
CVE-2023-53985
CVE-2023-53985 affects Zstore (now Zippy CRM) version 6.5.4. A reflected cross-site scripting vulnerability exists due to unvalidated input parameters, allowing an attacker to inject and execute arbitrary JavaScript in a victim’s browser context. The CVSS metrics indicate network access with low ...
PT-2026-2417
Name of the Vulnerable Software and Affected Versions Zippy CRM version 6.5.4 Description The software contains a reflected cross-site scripting issue that enables attackers to inject malicious scripts via unvalidated input parameters. Attackers can submit crafted payloads in manual insertion...
Senayan Library Management System v9.0.0 - SQL Injection
Exploit Title: Senayan Library Management System v9.0.0 - SQL Injection Author: nu11secur1ty Date: 11.09.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/download/v9.0.0/slims9bulian-9.0.0.zip Reference:...
ChurchCRM 4.5.3 SQL Injection Vulnerability
Title: ChurchCRM-4.5.3-121fcc1-SQLi Author: nu11secur1ty Vendor: http://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://portswigger.net/web-security/sql-injection Description: In the manual insertion point 1 - parameter EID appears to be vulnerable to SQL injection...
Zstore 6.6.0 Cross Site Scripting Vulnerability
Title: zstore-6.6.0 - XSS-Reflected Development: nu11secur1ty Vendor: https://zippy.com.ua/ Software: https://github.com/leon-mbs/zstore/releases/tag/6.5.4 Reproduce: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/zippy/zstore-6.5.4 Description: The value of manual insertion...
Senayan Library Management System 9.2.0 SQL Injection Vulnerability
Title: Senayan Library Management System v9.2.0 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.2.0/SQLi...
Senayan Library Management System 9.2.0 Cross Site Scripting Vulnerability
Title: Senayan Library Management System v9.2.0 a.k.a SLIMS 9 XSS-Reflected - inserting gif - redirect to outside HTTPS server Author: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.0 Reference:...
Senayan Library Management System 9.2.1 SQL Injection Vulnerability
Title: Senayan Library Management System v9.2.1 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.1 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.2.1/SQLi...
Senayan Library Management System 9.2.2 SQL Injection
Title: Senayan Library Management System v9.2.2 a.k.a SLIMS 9 Multiple SQLi-Not sanitizing correctly cookie session. Author: nu11secur1ty Date: 12.20.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.2 Reference:...
Senayan Library Management System 9.2.1 SQL Injection
Title: Senayan Library Management System v9.2.1 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Date: 12.20.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.1 Reference:...
Senayan Library Management System 9.1.0 SQL Injection Vulnerability
Title: Senayan Library Management System v9.1.0 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/download/v9.1.0/slims9bulian-9.1.0.zip Reference:...
Senayan Library Management System 9.0.0 SQL Injection
Title: Senayan Library Management System v9.0.0 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Date: 11.09.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/download/v9.0.0/slims9bulian-9.0.0.zip Reference:...
Senayan Library Management System 9.5.1 SQL Injection
Title: Senayan Library Management System v9.5.1 a.k.a SLIMS 9 SQLi Author: nu11secur1ty Date: 12.06.2022 Vendor: https://slims.web.id/web/ Software: https://slims.web.id/web/news/rilis-9.5.1/ Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.1...