CVE-2022-28102

A cross-site scripting XSS vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php...

CVE-2020-8521

SQL injection with start and length parameters in Records.php for phpzag live add edit delete data tables records with ajax php mysql...

CVE-2020-25905

An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in 1 login.php or 2 LoginAsAdmin.php...

Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-31002)

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter fullname/contactnumber in the file...

CVE-2025-22526

Deserialization of Untrusted Data vulnerability in mywebtonet PHP/MySQL CPU performance statistics mywebtonet-performancestats allows Object Injection.This issue affects PHP/MySQL CPU performance statistics: from n/a through = 1.2.1...

CVE-2024-55496

A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project 1.0. This issue affects some unknown functionality of addcompany.php. Actions on the delete parameter result in SQL injection...

PT-2024-36530 · Unknown · 1000Projects Bookstore Management System Php Mysql Project

Name of the Vulnerable Software and Affected Versions: 1000projects Bookstore Management System PHP MySQL Project version 1.0 Description: A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project. This issue affects some unknown functionality of the "add...

CVE-2024-50355

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the device Display Name, if java script code is inside the name of the device Display Name, its can b...

CVE-2024-49759

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Manage User Access" page allows authenticated users to inject arbitrary JavaScript through the "billname" parameter when creating a new bill. This vulnerability can...

CVE-2024-51497 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Custom OID" tab of a device allows authenticated users to inject arbitrary JavaScript through the "unit" parameter when creating a new OID. This vulnerability can le...

CVE-2024-51496

CVE-2024-51496 affects LibreNMS (PHP/MySQL/SNMP-based network monitoring). The vulnerability is a Reflected XSS in the metric parameter of the /wireless and /health endpoints, caused by improper input sanitization. Successful exploitation lets an attacker inject arbitrary JavaScript, potentially ...

CVE-2024-51495 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the "overwriteip" parameter when editing a device. This vulnerability results i...

CVE-2024-51494 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "descr" parameter when editing a device's port settings. This vulnerability...

CVE-2024-50351 LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting XSS vulnerability in the "section" parameter of the "logs" tab of a device allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code wh...

CVE-2024-50350 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when creating a new Port Group. This vulnerability results...

CVE-2024-49764 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Capture Debug Information" page allows authenticated users to inject arbitrary JavaScript through the "hostname" parameter when creating a new device. This...

CVE-2024-49759 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Manage User Access" page allows authenticated users to inject arbitrary JavaScript through the "billname" parameter when creating a new bill. This vulnerability can...

CVE-2024-49759 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Manage User Access" page allows authenticated users to inject arbitrary JavaScript through the "billname" parameter when creating a new bill. This vulnerability can...

CVE-2024-49758 LibreNMS has a stored XSS in ExamplePlugin with Device's Notes

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This...

CVE-2024-49754 LibreNMS has a stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/api-access.inc.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the API-Access page allows authenticated users to inject arbitrary JavaScript through the "token" parameter when creating a new API token. This vulnerability can result i...