CVE-2025-1853 Tenda AC8 Parameter SetIpMacBind sub_49E098 stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub49E098 of the file /goform/SetIpMacBind of the component Parameter Handler. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated...

CVE-2024-0945

A vulnerability classified as critical has been found in 60IndexPage up to 1.8.5. This affects an unknown part of the file /include/file.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotel...

CVE-2025-0174

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /user/searchresult2.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. I...

CVE-2025-0174 code-projects Point of Sales and Inventory Management System Parameter search_result2.php sql injection

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /user/searchresult2.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. I...

CVE-2025-0174

CVE-2025-0174 affects code-projects Point of Sales and Inventory Management System 1.0. The vulnerability resides in /user/search_result2.php (Parameter Handler) where the search parameter handling enables remote SQL injection. Exploitation has been disclosed publicly and is corroborated by multi...

CVE-2025-0174 code-projects Point of Sales and Inventory Management System Parameter search_result2.php sql injection

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /user/searchresult2.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. I...

CVE-2024-12998

A vulnerability, which was classified as problematic, was found in code-projects Online Car Rental System 1.0. This affects an unknown part of the file /index.php of the component GET Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2024-12998 code-projects Online Car Rental System GET Parameter index.php cross site scripting

A vulnerability, which was classified as problematic, was found in code-projects Online Car Rental System 1.0. This affects an unknown part of the file /index.php of the component GET Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2024-12998 code-projects Online Car Rental System GET Parameter index.php cross site scripting

A vulnerability, which was classified as problematic, was found in code-projects Online Car Rental System 1.0. This affects an unknown part of the file /index.php of the component GET Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2024-12998

CVE-2024-12998 affects Code-Projects Online Car Rental System 1.0. A cross-site scripting vulnerability exists in an unknown part of the /index.php file within the GET Parameter Handler. The issue allows remote initiation of an attack and has public disclosure. Connected sources consistently desc...

PT-2024-16291 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A critical issue has been found in the component POST Parameter Handler, specifically in the file /kortex lite/control/edit profile.php. The manipulation of...

CVE-2024-9093

A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0. This affects an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to sql injection. It is possible to initiat...

CVE-2024-9093

CVE-2024-9093 affects SourceCodester Profile Registration without Reload Refresh 1.0, specifically the del.php file in the GET Parameter Handler. The vulnerability is a SQL injection caused by manipulation of the argument list, enabling remote exploitation with no user interaction. Multiple sourc...

PT-2024-39427 · Unknown · Sourcecodester Profile Registration Without Reload Refresh

Name of the Vulnerable Software and Affected Versions: SourceCodester Profile Registration without Reload Refresh version 1.0 Description: A critical vulnerability has been found in the software, affecting an unknown part of the file del.php of the component GET Parameter Handler. The manipulatio...

CVE-2024-8867

A vulnerability was found in Perfex CRM 3.1.6. It has been declared as problematic. This vulnerability affects unknown code of the file application/controllers/Clients.php of the component Parameter Handler. The manipulation of the argument message leads to cross site scripting. The attack can be...

CVE-2024-8867

A vulnerability was found in Perfex CRM 3.1.6. It has been declared as problematic. This vulnerability affects unknown code of the file application/controllers/Clients.php of the component Parameter Handler. The manipulation of the argument message leads to cross site scripting. The attack can be...

CVE-2024-8867

CVE-2024-8867 affects Perfex CRM 3.1.6. The vulnerability exists in an unknown portion of the code path related to the Parameter Handler, specifically file application/controllers/Clients.php, where manipulation of the message argument enables cross-site scripting (XSS). The attack is possible re...

CVE-2024-8867 Perfex CRM Parameter Clients.php cross site scripting

A vulnerability was found in Perfex CRM 3.1.6. It has been declared as problematic. This vulnerability affects unknown code of the file application/controllers/Clients.php of the component Parameter Handler. The manipulation of the argument message leads to cross site scripting. The attack can be...

CVE-2024-8154 SourceCodester QR Code Bookmark System Parameter update-bookmark.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester QR Code Bookmark System 1.0. Affected is an unknown function of the file /endpoint/update-bookmark.php of the component Parameter Handler. The manipulation of the argument tblbookmarkid/name/url leads to cross site...

CVE-2024-8154 SourceCodester QR Code Bookmark System Parameter update-bookmark.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester QR Code Bookmark System 1.0. Affected is an unknown function of the file /endpoint/update-bookmark.php of the component Parameter Handler. The manipulation of the argument tblbookmarkid/name/url leads to cross site...