159 matches found
Employee Record System dashboardedit_employee.php file cross-site scripting vulnerability
Employee Record System is an employee record system. Employee Record System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters employeedid/firstname/middlename/lastname in the file...
Holded 跨站脚本漏洞
Holded is a business management software from Holded. Holded suffers from a cross-site scripting vulnerability that stems from the presence of a stored cross-site scripting vulnerability that allows an attacker to store a JavaScript payload in the editable icon and name parameters of an active...
Resumes Management and Job Application Website 安全漏洞
Resumes Management and Job Application Website is a resume management and job application website from the individual developers at EGavilan Media. A security vulnerability exists in Resumes Management and Job Application Website version 1.0. An attacker injected arbitrary code via the first and...
Cross-site Scripting (XSS)
Overview microweber/microweber is a new generation CMS with drag and drop. Affected versions of this package are vulnerable to Cross-site Scripting XSS by an admin user who injects malicious scripts into the "First Name" or "Last Name" fields at the /admin/module/view?type=users endpoint. The...
PT-2024-17870 · Unknown · Code-Projects Hospital Management System
Name of the Vulnerable Software and Affected Versions: code-projects Hostel Management System version 1.0 Description: A problematic issue has been found in the processing of the file /admin/registration.php. The manipulation of the arguments fname, mname, and lname leads to cross-site scripting...
kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files
A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...
CVE-2024-11742
A vulnerability, which was classified as problematic, has been found in SourceCodester Best House Rental Management System 1.0. This issue affects some unknown processing of the file /rental/ajax.php?action=savetenant. The manipulation of the argument lastname/firstname/middlename leads to cross...
kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files
A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...
CVE-2024-51031
A Cross-site Scripting XSS vulnerability in manageaccount.php in Sourcecodester Cab Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "First Name," "Middle Name," and "Last Name" fields...
CVE-2024-10348
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=tenants of the component Manage Tenant Details. The manipulation of the argument Last Name/First Name/Middle Name...
kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files
A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...
Online Railway Reservation System 跨站脚本漏洞
Online Railway Reservation System is an online railroad reservation system by adminastro individual developers. A cross-site scripting vulnerability exists in SourceCodester Online Railway Reservation System version 1.0, which stems from a cross-site scripting issue with the First Name/Middle...
kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files
A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...
kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files
A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...
CVE-2024-8610
A vulnerability classified as problematic has been found in SourceCodester Best House Rental Management System 1.0. Affected is an unknown function of the file /index.php?page=tenants of the component New Tenant Page. The manipulation of the argument Last Name/First Name/Middle Name leads to cros...
PT-2024-39131 · Sourcecodester · Sourcecodester Best House Rental Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0 Description: A problem has been found in the New Tenant Page component of the file /index.php?page=tenants. The manipulation of the Last Name, First Name, and Middle Name argument...
Online Food Ordering System 跨站脚本漏洞
Online Food Ordering System is an online food ordering system developed by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Food Ordering System version 2.0, which stems from a cross-site scripting attack due to incorrect manipulation of the First Name...
CVE-2024-8563
A vulnerability was found in SourceCodester PHP CRUD 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/update.php. The manipulation of the argument firstname/middlename/lastname leads to cross site scripting. It is possible to initiate the attack...
PHP CRUD SQL注入漏洞
PHP CRUD is a PHP-based implementation of add, delete, change and retrieve. A SQL injection vulnerability exists in SourceCodester PHP CRUD version 1.0, which originates from the tblpersonid/firstname/middlename/lastname parameters of the /endpoint/update.php file containing a SQL injection...
PT-2024-39100 · Sourcecodester · Sourcecodester Php Crud
Name of the Vulnerable Software and Affected Versions: SourceCodester PHP CRUD version 1.0 Description: A vulnerability was found in the software, classified as problematic. It affects the file /endpoint/update.php, where the manipulation of the first name, middle name, and last name arguments...