CVE-2023-2922

A vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack...

CVE-2023-2672

A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch th...

CVE-2023-2690

A vulnerability, which was classified as critical, has been found in SourceCodester Personnel Property Equipment System 1.0. This issue affects some unknown processing of the file admin/returnedreuseform.php of the component GET Parameter Handler. The manipulation of the argument clientid leads t...

CVE-2023-2689

A vulnerability classified as critical was found in SourceCodester Billing Management System 1.0. This vulnerability affects unknown code of the file editproduct.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated...

CVE-2022-4591

A vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able ...

CVE-2022-2644

A vulnerability was found in SourceCodester Online Admission System and classified as critical. This issue affects some unknown processing of the component GET Parameter Handler. The manipulation of the argument eid leads to sql injection. The exploit has been disclosed to the public and may be...

CVE-2020-36644

A vulnerability has been found in jamesmartin Inline SVG up to 1.7.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file lib/inlinesvg/actionview/helpers.rb of the component URL Parameter Handler. The manipulation of the argument filename leads to...

CVE-2023-1059

A vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/doctors.php of the component Parameter Handler. The manipulation of the argument search/id leads to sql injection. The attack can be...

PT-2025-21770 · Sourcecodester · Sourcecodester Doctors Appointment System

Name of the Vulnerable Software and Affected Versions: SourceCodester Doctor's Appointment System version 1.0 Description: A critical issue affects an unknown part of the file /admin/appointment.php of the component GET Parameter Handler. The manipulation of the ID argument leads to SQL injection...

CVE-2025-3999

A vulnerability, which was classified as problematic, has been found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. This issue affects some unknown processing of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\common\js\addDate\date.jsp of the component URL Parameter Handler. Th...

CVE-2025-3999

A vulnerability, which was classified as problematic, has been found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. This issue affects some unknown processing of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\common\js\addDate\date.jsp of the component URL Parameter Handler. Th...

CVE-2025-3999

CVE-2025-3999 affects Seeyon Zhiyuan OA Web Application System 8.1 SP2. The vulnerability lies in the URL Parameter Handler, specifically processing the file seeyonuild mp ootused? (as described) date.jsp under addDate, enabling cross-site scripting. The issue can be exploited remotely and has h...

PT-2025-18037 · Unknown · Seeyon Zhiyuan Oa Web Application System

Name of the Vulnerable Software and Affected Versions: Seeyon Zhiyuan OA Web Application System version 8.1 SP2 Description: A problematic issue has been found in the Seeyon Zhiyuan OA Web Application System, affecting some unknown processing of the file...

PT-2025-16285 · Demtec · Demtec Graphytics

Name of the Vulnerable Software and Affected Versions: Demtec Graphytics version 5.0.7 Description: A vulnerability was found in Demtec Graphytics, affecting an unknown part of the file/visualization of the component HTTP GET Parameter Handler. The manipulation leads to cross-site scripting. It i...

CVE-2025-2353

A vulnerability, which was classified as critical, was found in VAM Virtual Airlines Manager up to 2.6.2. Affected is an unknown function of the file /vam/index.php of the component HTTP GET Parameter Handler. The manipulation of the argument ID/registryid/planeicao leads to sql injection. It is...

CVE-2025-2384 code-projects Real Estate Property Management System Parameter InsertCustomer.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. This affects an unknown part of the file /InsertCustomer.php of the component Parameter Handler. The manipulation of the argument...

CVE-2025-2384

CVE-2025-2384 affects code-projects’ Real Estate Property Management System 1.0. The vulnerability lies in the Parameter Handler’s InsertCustomer.php, where manipulation of inputs such as txtName, txtAddress, cmbCity, txtEmail, cmbGender, txtBirthDate, txtUserName2, and txtPassword2 enables SQL i...

CVE-2025-1853

A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub49E098 of the file /goform/SetIpMacBind of the component Parameter Handler. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated...

CVE-2025-1853

The CVE-2025-1853 entry concerns Tenda AC8 firmware 16.03.34.06. Affected component: Parameter Handler, function sub_49E098 in /goform/SetIpMacBind. Root cause: manipulation of the argument list causes a stack-based buffer overflow. Impact: remote attacker may exploit to take control of the devic...

CVE-2025-1853 Tenda AC8 Parameter SetIpMacBind sub_49E098 stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub49E098 of the file /goform/SetIpMacBind of the component Parameter Handler. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated...