7 matches found
EUVD-2017-2816
Malware in sbrugna...
EUVD-2019-17091
Malware in sbrugna...
Cross site scripting
Laravel Booking System Booking Core 2.0 is vulnerable to Cross Site Scripting XSS. The Avatar upload in the My Profile section could be exploited to upload a malicious SVG file which contains Javascript. Now if another user/admin views the profile and clicks to view his avatar, an XSS will trigge...
CVE-2019-7552
An issue was discovered in PHP Scripts Mall Investment MLM Software 2.0.2. Stored XSS was found in the the My Profile Section. This is due to lack of sanitization in the Edit Name section...
Design/Logic Flaw
An issue was discovered in PHP Scripts Mall Investment MLM Software 2.0.2. Stored XSS was found in the the My Profile Section. This is due to lack of sanitization in the Edit Name section...
CVE-2019-7552
An issue was discovered in PHP Scripts Mall Investment MLM Software 2.0.2. Stored XSS was found in the the My Profile Section. This is due to lack of sanitization in the Edit Name section...
CVE-2017-11182
Rise Ultimate Project Manager v1.8 contains cross-site scripting (XSS) vulnerabilities in the My Profile input fields. All input fields are vulnerable, enabling injection of arbitrary script/HTML. The CVE notes an XSS issue but does not provide exploitation status, impact depth beyond the stated ...