23 matches found
CVE-2024-42571
The CVE-2024-42571 entry concerns School Management System and identifies a SQL injection vulnerability in the insertattendance.php endpoint, exploitable via the medium parameter. Root cause as described: unsanitized input passed to SQL queries in insertattendance.php leading to potential disclos...
phpMyChat 0.14.6 start_page.css.php medium Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15679/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code...
CVE-2005-3991
Multiple cross-site scripting XSS vulnerabilities in phpMyChat 0.14.6 allow remote attackers to inject arbitrary web script or HTML via the medium parameter to 1 startpage.css.php and 2 style.css.php; or the From parameter to userspopupL.php...