4 matches found
CVE-2024-42787
CVE-2024-42787 is a Stored XSS in Kashipara Music Management System v1.0, exploitable via /music/ajax.php?action=save_playlist through the title/description fields. Public docs indicate lack of input filtering/escaping, allowing arbitrary script execution. No explicit exploit details are provided...
CVE-2024-42787
A Stored Cross Site Scripting XSS vulnerability was found in "/music/ajax.php?action=saveplaylist" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via "title" & "description" parameter fields...
CVE-2024-40478
A Stored Cross Site Scripting XSS vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields...
CVE-2024-40478
Kashipara Online Exam System v1.0 is affected by a Stored Cross Site Scripting (XSS) vulnerability in the /admin/afeedback.php endpoint. The issue allows remote attackers to execute arbitrary code via the rname and email parameters, as described across multiple sources (CVE-2024-40478, NVD/other ...