CVE-2024-10751
A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument customer leads to sql injection. The attack may be launched remotely. The exploit has been disclos...
Food Ordering Management System Cross-Site Scripting Vulnerability
Food Ordering Management System is a food ordering management system by Carlo Montero, an individual developer. It provides an online platform to order food from a restaurant or fast food chain. A cross-site scripting vulnerability exists in Food Ordering Management System version 1.0, which stem...
AChecker Security Vulnerability
AChecker is an automated accessibility checker open-sourced by the Inclusive Design Institute. It is used to evaluate the accessibility of HTML pages and to help ensure that everyone, including people with disabilities, can use assistive technology to browse the Internet. A security vulnerability...
PT-2024-23713 · Unknown · Phpgurukul Men Salon Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Men Salon Management System version 2.0 Description: The issue allows remote attackers to execute arbitrary code and obtain sensitive information via the email parameter in the "index.php" component. This enables attackers to acces...
CVE-2024-0265
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component GET Parameter Handler. The manipulation of the argument page leads to file inclusion. The attack may be initiate...
CVE-2023-4749
A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page leads to file inclusion. It is possible to launch the attack remotely. The exploit has been...
CVE-2023-40748
PHPJabbers Food Delivery Script 3.0 has a SQL injection (SQLi) vulnerability in the "q" parameter of index.php...
CVE-2023-36314
There is a Cross Site Scripting (XSS) vulnerability in the value-text-osmsemailrequestmessage parameters of index.php in PHPJabbers Callback Widget v1.0...
Callback Widget Cross-Site Scripting Vulnerability
PHPJabbers Callback Widget is a simple PHP script that places a discreet callback button on a website. A cross-site scripting vulnerability exists in PHPJabbers Callback Widget version v1.0, which stems from cross-site scripting (XSS) in the value-text-osmsemailrequestmessage parameter of index.php...
CVE-2022-28521
ZCMS v20170206 was discovered to contain a file inclusion vulnerability via index.php?m=home&c=home&a=spsetconfig...
CVE-2022-26265
Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component phpcli parameter...
Command injection
Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component phpcli parameter...
CVE-2022-25489
Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "A" parameter in /widgets/debug.php...
Open Solutions For Education openSIS SQL Injection Vulnerability
openSIS is a free and open source student information system/school management software. openSIS version 8.0 is vulnerable to SQL injection when using MySQL MariaDB as the application database. An attacker can use the index.php username parameter to issue SQL commands to the MySQL MariaDB databas...
getsimplecms Cross-Site Scripting Vulnerability
GetSimple CMS is an XML-based, completely self-contained, streamlined content management system. A cross-site scripting vulnerability exists in GetSimple CMS 3.3.15 and earlier versions. The vulnerability can be exploited to conduct cross-site scripting attacks via the timezone parameter of...
SQL injection vulnerability in ne***.asp page di*** parameter and pr***.php page di*** parameter of website building system of Shenzhen Dr. Tong Technology Co. Ltd.
Shenzhen Dr. Tong Technology Co. Ltd. is an Internet infrastructure operator engaged in website construction, website optimization and Internet marketing. There is a SQL injection vulnerability in the ne.asp page di parameter and pr.php page di parameter of the website building system of Shenzhen Dr. Tong Technology Co. Ltd. whi...
Centreon Infrastructure Monitoring Software Code Execution Vulnerability
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon. The product mainly provides monitoring functions on the network, system and application resources. A security vulnerability exists in Centreon Infrastructure Monitoring Software version...
DEBIAN-CVE-2019-20379
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter...
UBUNTU-CVE-2019-20379
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter...
UBUNTU-CVE-2019-20378
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter...