CVE-2024-12943

A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ownersignup.php. The manipulation of the argument f/e/p/m/o/n/c/s/ci/a leads to sql injection. The attack can be...

CVE-2024-11744 1000 Projects Portfolio Management System MCA register.php sql injection

A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely...

CVE-2024-10700

CVE-2024-10700 affects code-projects University Event Management System 1.0. A SQL injection vulnerability exists in submit.php via multiple parameters (name, email, title, Year, gender, fromdate, todate, people, etc.). The attack is remotely exploitable; public disclosures exist. Several sources...

Rocket.Chat: [Security Vulnerability Rocket.chat] HTML Injection into Email via Signup

Description Due to a lack of sanitization and validation in parameter affected, we can input HTML Tag and system will render it into Email victim. Affected Endpoint https://chat.oas.greenhost.net/home Parameter : Name Step to produce In textbox name, input HTML code like "\”@x.y " And in Email,...