CVE-2024-33966 SQL injection in Janobe products

SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'xtsearch' in...

CVE-2024-33981

Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/index.php'...

CVE-2024-33981 Cross-site Scripting in Janobe products

Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/index.php'...

CVE-2024-33980

CVE-2024-33980 is a Cross-Site Scripting (XSS) vulnerability affecting Janobe’s PayPal, Credit Card and Debit Card Payment product version 1.0. The issue enables an attacker to lure a victim with a crafted URL and access the victim’s session cookie via the ‘start’ parameter in /admin/mod_reports/...

Aplaya Beach Resort Online Reservation System 跨站脚本漏洞

Aplaya Beach Resort Online Reservation System is the online room reservation system for Aplaya Beach Resort. A cross-site scripting vulnerability exists in SourceCodester Aplaya Beach Resort Online Reservation System version 1.0, which stems from a cross-site scripting vulnerability in the end...