Lucene search
K

159 matches found

CNVD
CNVD
added 2025/05/22 12:0 a.m.6 views

Employee Record System dashboardedit_employee.php file cross-site scripting vulnerability

Employee Record System is an employee record system. Employee Record System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters employeedid/firstname/middlename/lastname in the file...

5.1CVSS6.1AI score0.00285EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.3 views

Holded 跨站脚本漏洞

Holded is a business management software from Holded. Holded suffers from a cross-site scripting vulnerability that stems from the presence of a stored cross-site scripting vulnerability that allows an attacker to store a JavaScript payload in the editable icon and name parameters of an active...

4.8CVSS6AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.4 views

Resumes Management and Job Application Website 安全漏洞

Resumes Management and Job Application Website is a resume management and job application website from the individual developers at EGavilan Media. A security vulnerability exists in Resumes Management and Job Application Website version 1.0. An attacker injected arbitrary code via the first and...

6.3CVSS7.2AI score0.00263EPSS
Exploits0References1
Snyk
Snyk
added 2025/01/10 9:31 p.m.3 views

Cross-site Scripting (XSS)

Overview microweber/microweber is a new generation CMS with drag and drop. Affected versions of this package are vulnerable to Cross-site Scripting XSS by an admin user who injects malicious scripts into the "First Name" or "Last Name" fields at the /admin/module/view?type=users endpoint. The...

5.4CVSS5.2AI score0.0109EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2024/12/29 12:0 a.m.7 views

PT-2024-17870 · Unknown · Code-Projects Hospital Management System

Name of the Vulnerable Software and Affected Versions: code-projects Hostel Management System version 1.0 Description: A problematic issue has been found in the processing of the file /admin/registration.php. The manipulation of the arguments fname, mname, and lname leads to cross-site scripting...

6.1CVSS4.3AI score0.00515EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/12/04 12:56 a.m.5 views

kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files

A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...

5.5CVSS7.3AI score0.00244EPSS
Exploits0References5
OSV
OSV
added 2024/11/26 8:15 p.m.4 views

CVE-2024-11742

A vulnerability, which was classified as problematic, has been found in SourceCodester Best House Rental Management System 1.0. This issue affects some unknown processing of the file /rental/ajax.php?action=savetenant. The manipulation of the argument lastname/firstname/middlename leads to cross...

5.4CVSS4AI score0.00516EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files

A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...

5.5CVSS7.3AI score0.00244EPSS
Exploits0References5
OSV
OSV
added 2024/11/08 6:15 p.m.3 views

CVE-2024-51031

A Cross-site Scripting XSS vulnerability in manageaccount.php in Sourcecodester Cab Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "First Name," "Middle Name," and "Last Name" fields...

5.4CVSS5.9AI score0.00396EPSS
Exploits0References2
OSV
OSV
added 2024/10/24 10:15 p.m.5 views

CVE-2024-10348

A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the component Manage Tenant Details. The manipulation of the argument Last Name/First Name/Middle Name...

5.4CVSS3.8AI score0.00425EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/10/16 12:28 a.m.9 views

kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files

A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...

5.5CVSS7.3AI score0.00244EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/09/28 12:0 a.m.6 views

Online Railway Reservation System 跨站脚本漏洞

Online Railway Reservation System is an online railroad reservation system by adminastro individual developers. A cross-site scripting vulnerability exists in SourceCodester Online Railway Reservation System version 1.0, which stems from a cross-site scripting issue with the First Name/Middle...

5.4CVSS4.5AI score0.00452EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.3 views

kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files

A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...

5.5CVSS7.3AI score0.00244EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.12 views

kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files

A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...

5.5CVSS7.3AI score0.00244EPSS
Exploits0References5
OSV
OSV
added 2024/09/09 9:15 p.m.6 views

CVE-2024-8610

A vulnerability classified as problematic has been found in SourceCodester Best House Rental Management System 1.0. Affected is an unknown function of the file /index.php?page=tenants of the component New Tenant Page. The manipulation of the argument Last Name/First Name/Middle Name leads to cros...

5.4CVSS3.8AI score0.0044EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/09/09 12:0 a.m.3 views

PT-2024-39131 · Sourcecodester · Sourcecodester Best House Rental Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0 Description: A problem has been found in the New Tenant Page component of the file /index.php?page=tenants. The manipulation of the Last Name, First Name, and Middle Name argument...

5.4CVSS4.2AI score0.0044EPSS
Exploits1References10
CNNVD
CNNVD
added 2024/09/09 12:0 a.m.5 views

Online Food Ordering System 跨站脚本漏洞

Online Food Ordering System is an online food ordering system developed by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Food Ordering System version 2.0, which stems from a cross-site scripting attack due to incorrect manipulation of the First Name...

6.9CVSS4.5AI score0.00546EPSS
Exploits0References5
OSV
OSV
added 2024/09/07 8:15 p.m.5 views

CVE-2024-8563

A vulnerability was found in SourceCodester PHP CRUD 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/update.php. The manipulation of the argument firstname/middlename/lastname leads to cross site scripting. It is possible to initiate the attack...

6.1CVSS3.8AI score0.00378EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/09/07 12:0 a.m.6 views

PHP CRUD SQL注入漏洞

PHP CRUD is a PHP-based implementation of add, delete, change and retrieve. A SQL injection vulnerability exists in SourceCodester PHP CRUD version 1.0, which originates from the tblpersonid/firstname/middlename/lastname parameters of the /endpoint/update.php file containing a SQL injection...

8.8CVSS7.1AI score0.00415EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/09/07 12:0 a.m.6 views

PT-2024-39100 · Sourcecodester · Sourcecodester Php Crud

Name of the Vulnerable Software and Affected Versions: SourceCodester PHP CRUD version 1.0 Description: A vulnerability was found in the software, classified as problematic. It affects the file /endpoint/update.php, where the manipulation of the first name, middle name, and last name arguments...

6.1CVSS4.5AI score0.00378EPSS
Exploits1References10
Rows per page
Query Builder