27 matches found
Huawei EulerOS: Security Advisory for augeas (EulerOS-SA-2026-1154)
The remote host is missing an update for the Huawei EulerOS...
PT-2024-28292 · Phpok · Phpok
Name of the Vulnerable Software and Affected Versions: phpok version 6.4.003
Description: The issue is related to a Cross Site Scripting (XSS) vulnerability. It affects the ok_f method located in the framework/api/upload_control.php file.
Recommendations: For phpok version 6.4.003, consider disabli...
PT-2024-12882 · Unknown · Openclinic Ga
Name of the Vulnerable Software and Affected Versions: OpenClinic GA version 5.247.01
Description: An issue was discovered in OpenClinic GA, allowing an attacker to perform a directory path traversal via the Page parameter in a GET request to the "main.do" endpoint.
Recommendations: For OpenClini...
PT-2024-20267 · Code Projects · Code-Projects Computer Book Store
Name of the Vulnerable Software and Affected Versions: Code-projects Computer Book Store version 1.0
Description: The issue is related to SQL Injection via BookSBIN.
Recommendations: For Code-projects Computer Book Store version 1.0, consider restricting access to the BookSBIN component to minimi...
PT-2024-19501 · Flycms · Flycms
Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0
Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability. It occurs via the "/system/links/add_link" API endpoint. This allows for potentially malicious requests to be made without the user's knowledge or...
meincamp.de Improper Access Control vulnerability OBB-3768546
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
andrologiaitaliana.it Cross Site Scripting vulnerability OBB-3398294
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2023-16925 · Sourcecodester · Sourcecodester Gadget Works Online Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Gadget Works Online Ordering System version 1.0
Description: A critical issue was found in the component POST Parameter Handler, affecting an unknown part of the file /philosophy/admin/login.php. The manipulation of the user...
PT-2022-27195 · Tenda · Tenda I21
Name of the Vulnerable Software and Affected Versions: Tenda i21 version 1.0.0.144656
Description: The issue is related to a Buffer Overflow that can be triggered via the /goform/setSnmpInfo API endpoint. This allows for potential exploitation.
Recommendations: For Tenda i21 version 1.0.0.144656,...
PT-2022-25197 · Unknown · Online Tours & Travels Management System
Name of the Vulnerable Software and Affected Versions: Online Tours & Travels Management System version 1.0
Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/tour/admin/update_payment.php" API endpoint...
PT-2022-17976
Name of the Vulnerable Software and Affected Versions: Online Banking System Protect version 1.0
Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities are accessible via parameters on the user profile, system info, and accounts management pages...
CVE-2021-38681
A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security pat...
teatrosancarlo.it XSS vulnerability
Vulnerable URL: http://www.teatrosancarlo.it/it/search/index?querystring=%22%3E%3Csvg%20onload=alert/XSS/%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 16.01.2018
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 472747
VIP website...
support.johnson.cornell.edu XSS vulnerability
Vulnerable URL: http://support.johnson.cornell.edu/SitePages/How To Use This Library.aspx?FollowSite=0='-confirm/OPENBUGBOUNTY/-'

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 09.01.2018
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | ...
d2qsy1h1438jt3.cloudfront.net Open Redirect vulnerability
Vulnerable URL: http://d2qsy1h1438jt3.cloudfront.net/redirect.ashx?url=data%3Atext%2Fhtml%3Bbase64%2CPHNjcmlwdD5hbGVydCgvT1BFTkJVR0JPVU5UWS8pPC9zY3JpcHQ%2B

Details:

Description | Value
---|---
Patched: | Verification in progress
Latest check for patch: | 03.01.2018
Vulnerability type: | Open Redirect...
dwm.li XSS vulnerability
Vulnerable URL: http://www.dwm.li/en/contact-form.php/%22%27--!%3E%3CScript%20/K/%3Econfirm1%3C/Script%20/K/%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 16.12.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 11437951
VIP website...
alderhey.nhs.uk XSS vulnerability
Vulnerable URL: http://www.alderhey.nhs.uk/?s=%22--!%3E%3CSvg/Onload=confirmopenbugbounty%3E%22

Details:

Description | Value
---|---
Patched: | Verification in progress
Latest check for patch: | 22.11.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 1457986
VIP...
imandragora.cz XSS vulnerability
Vulnerable URL: http://www.imandragora.cz/vyhledavani/?hledany-vyraz=mumio"'--!=0=0

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 21.11.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 7472371
VIP website status: | No
Check...
info-congres.com XSS vulnerability
Vulnerable URL: http://www.info-congres.com/account.php

Details:

Description | Value
---|---
Patched: | Verification in progress
Latest check for patch: | 05.11.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | Unknown / Not calculated
VIP website status: | No
Check...
vtmag.vt.edu XSS vulnerability
Vulnerable URL: http://www.vtmag.vt.edu/fall13/!prettyPhoto/0,%3Ca%20onclick=%22alert%27OPENBUGBOUNTY%27;%22%3E/

Details:

Description | Value
---|---
Patched: | Verification in progress
Latest check for patch: | 29.10.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank...