itsourcecode Human Resource Management System SQL注入漏洞

itsourcecode Human Resource Management System is itsourcecode open source human resource management system. A SQL injection vulnerability exists in itsourcecode Human Resource Management System version 1.0, which originates from the incorrect operation of the parameter noticeDesc in the file...

CVE-2022-2087

A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. This affects the file /mnotice.php?id=2. The manipulation of the argument notice with the input leads to cross site scripting. It is possible to initiate the attack remotely. The exploit...

SMF（Simple Machines Forum） 跨站脚本漏洞

SMF Simple Machines Forum is a free, open source community forum project by Simple Machines Open Source. A cross-site scripting vulnerability exists in SMF Simple Machines Forum version 2.1.4, which stems from improper manipulation of the Notice parameter in the ManageAttachments.php file, and...

CampCodes School Management Software 代码注入漏洞

CampCodes School Management Software is a school management software from CampCodes, Inc. A code injection vulnerability exists in version 1.0 of CampCodes School Management Software, which stems from the parameter Notice in the file /notice-list and can lead to cross-site scripting...

CVE-2022-2087

A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. This affects the file /mnotice.php?id=2. The manipulation of the argument notice with the input alert1 leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2021-24999

The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcjnotice parameter before outputting it back in the admin dashboard when the Pdf Invoicing module is enabled, leading to a Reflected Cross-Site Scripting...

CVE-2021-38326

The Post Title Counter WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the notice parameter found in the /post-title-counter.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.1...

CVE-2021-38326

The Post Title Counter WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the notice parameter found in the /post-title-counter.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.1...

Post Title Counter <= 1.1 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the notice parameter found in the /post-title-counter.php file which allows attackers to inject arbitrary web scripts...

CVE-2018-14440

An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. SQL injection exists via the admin/noticeManageActionqueryNotice.action noticeInfo parameter...

CVE-2009-3060

Multiple cross-site scripting XSS vulnerabilities in Joker Board aka JBoard 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the notice parameter to editform.php, 2 the editusermessage parameter to core/editusermessage.php, or 3 the usertitle parameter to...