92530 matches found
CVE-2026-7258 vulnerabilities
Vulnerabilities for packages: php...
CVE-2026-7261 vulnerabilities
Vulnerabilities for packages: php...
CVE-2026-6735 vulnerabilities
Vulnerabilities for packages: php...
CVE-2026-7568 vulnerabilities
Vulnerabilities for packages: php...
CVE-2026-7259 vulnerabilities
Vulnerabilities for packages: php...
CVE-2026-35016
Open ISES Tickets prior to 3.44.2 is vulnerable to a reflected XSS in search.php. The issue arises when an unsanitized value is passed via the frm_query POST parameter, which gets injected into an HTML input field VALUE attribute and echoed back to the user. Exploitation requires authentication a...
CVE-2026-35014 Open ISES Tickets < 3.44.2 Reflected XSS via routes_nm.php ticket_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routesnm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into a hidden input field VALUE attribute. Attacke...
CVE-2026-35014 Open ISES Tickets < 3.44.2 Reflected XSS via routes_nm.php ticket_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routesnm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into a hidden input field VALUE attribute. Attacke...
CVE-2026-35011 Open ISES Tickets < 3.44.2 Reflected XSS via opena.php frm_call Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in opena.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmcall GET parameter directly into page output. Attackers can craft a malicious URL...
EUVD-2026-31182
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patientJF.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into a JavaScript variable assignment. Attackers...
CVE-2026-35010 Open ISES Tickets < 3.44.2 Reflected XSS via patient_JF.php ticket_id Parameter
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patientJF.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into a JavaScript variable assignment. Attackers...
CVE-2026-35010
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patientJF.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into a JavaScript variable assignment. Attackers...
CVE-2026-35009
Open ISES Tickets prior to 3.44.2 is affected by a reflected XSS in add_note.php via the ticket_id GET parameter. An attacker who is authenticated can craft a URL containing a JavaScript payload in ticket_id, which is then injected into a hidden input VALUE attribute and can execute in the victim...
CVE-2026-35008
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into an HTML attribute. Attackers can craft a...
EUVD-2026-31176
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into an HTML attribute. Attackers can craft a...
CVE-2026-7261 vulnerabilities
Vulnerabilities for packages: php...
CVE-2026-6735 vulnerabilities
Vulnerabilities for packages: php...
CVE-2026-6722 vulnerabilities
Vulnerabilities for packages: php...
CVE-2026-7259 vulnerabilities
Vulnerabilities for packages: php...
CVE-2025-14179 vulnerabilities
Vulnerabilities for packages: php...