115 matches found
CVE-2019-15811
In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS...
CVE-2010-1051
Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the 1 year and 2 month parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Ouch 缓冲区错误漏洞
Ouch is an application from the Ouch open source. A buffer error vulnerability exists in Ouch 0.3.1 and earlier versions, which stems from memory corruption due to the operation of the MONTH parameter...
CVE-2025-2847
A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. This issue affects some unknown processing of the file /dashboard/admin/overmonth.php. The manipulation of the argument mm leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-26200
SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month parameter in the visitorreportday.php component...
SLiMS 安全漏洞
SLiMS Senayan Library Management System is a free library management system from SLiMS open source. A security vulnerability exists in SLiMS version 9.6.1, which stems from the month parameter of monitorreportday.php not being handled correctly, allowing remote attackers to elevate privileges...
Best House Rental Management System SQL Injection Vulnerability
Best House Rental Management System is a house rental management system by Mayuri K. Individual developer. A SQL injection vulnerability exists in Best House Rental Management System version 1.0, which stems from a manipulation of the parameter monthof that can lead to SQL injection...
PT-2024-37318 · Unknown · Itsourcecode Online House Rental System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online House Rental System version 1.0 Description: A critical issue was found in the itsourcecode Online House Rental System, affecting an unknown functionality of the file manage user.php. The manipulation of the month of...
CVE-2024-34936
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter...
CVE-2024-34930
A SQL injection vulnerability in /model/allevents1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter...
CVE-2024-34936
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter...
Campcodes Complete Web-Based School Management System 安全漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the month...
PT-2024-26253 · Campcodes · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the month parameter in the "/model/all events1.php" API endpoint. Recommendations: F...
Campcodes Complete Web-Based School Management System 安全漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the month...
PT-2024-26259 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the month parameter in the "/view/event1.php" API endpoint. Recommendations: For...
CVE-2024-4652
A vulnerability, which was classified as problematic, was found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/showteacher2.php. The manipulation of the argument month leads to cross site scripting. It is possible to launch the atta...
Complete Web-Based School Management System 跨站脚本漏洞
Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Complete Web-Based School Management System, which stems from a cross-site scripting vulnerability in the month...
CVE-2024-4526
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /view/studentpaymentdetails3.php. The manipulation of the argument month leads to cross site scripting. The attack may be...
CVE-2024-4519
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /view/teachersalarydetails3.php. The manipulation of the argument month leads to cross site scripting. The attack may be...
Campcodes Complete Web-Based School Management System 跨站脚本漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which stems from a cross-site scripting vulnerability in the...