WordPress Clicface Trombi plugin <= 2.08 - Authenticated (Contributor+) Stored Cross-Site Scripting via nom Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via nom Parameter vulnerability discovered by SOPROBRO in WordPress Plugin Clicface Trombi versions = 2.08...

CVE-2024-1029

A vulnerability was found in Cogites eReserv 7.7.58 and classified as problematic. Affected by this issue is some unknown functionality of the file /front/admin/tenancyDetail.php. The manipulation of the argument Nom with the input Dreux"alert'XSS' leads to cross site scripting. The attack may be...

PT-2024-16162 · Unknown · Cogites Ereserv

Name of the Vulnerable Software and Affected Versions: Cogites eReserv version 7.7.58 Description: A cross-site scripting issue was found in some unknown functionality of the file /front/admin/tenancyDetail.php. The manipulation of the argument Nom with the input Dreux"alert'XSS' leads to...

Tcman Gim 跨站脚本漏洞

Tcman Gim is a facility management software from the Spanish company Tcman designed for use on mobile devices. A cross-site scripting vulnerability exists in TCMAN GIM version v8.01, which stems from a lack of effective filtering and escaping of the mtxtNom y mtxtCognoms parameters in the softwar...

CVE-2012-0899

Cross-site scripting XSS vulnerability in referencement/sitesinscription.php in Annuaire PHP allows remote attackers to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter...

CVE-2012-0899

Cross-site scripting XSS vulnerability in referencement/sitesinscription.php in Annuaire PHP allows remote attackers to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter...

CVE-2008-4768

SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to execute arbitrary SQL commands via the nom parameter to a-b-membres.php. NOTE: the goodies.php vector is already covered by CVE-2007-4808. NOTE: the provenance of this information is unknown; the details are obtained solely fro...

Sql injection

SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to execute arbitrary SQL commands via the nom parameter to a-b-membres.php. NOTE: the goodies.php vector is already covered by CVE-2007-4808. NOTE: the provenance of this information is unknown; the details are obtained solely fro...