44 matches found
CVE-2022-35421
Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php...
Simple Food Ordering System addproduct.php file cross-site scripting vulnerability
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter pname/category/price in the file /addproduct.php, which c...
Simple Food Ordering System editcategory.php file cross-site scripting vulnerability
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter pname in the file /editcategory.php, which can be exploit...
Simple Food Ordering System editproduct.php file cross-site scripting vulnerability
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters pname, category, and price in the file /editproduct.php,...
CVE-2025-12298
A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...
CVE-2025-12298
A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...
CVE-2025-12298
A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...
CVE-2025-12299 code-projects Simple Food Ordering System addproduct.php cross site scripting
A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The explo...
CVE-2025-12298 code-projects Simple Food Ordering System editcategory.php cross site scripting
A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...
CVE-2025-12298
The CVE-2025-12298 entry concerns code-projects’ Simple Food Ordering System 1.0, with a cross-site scripting (XSS) flaw in /editcategory.php via the pname parameter. Public exploitation is indicated across multiple connected sources (CNVD, RH, NVD, CVE list, etc.), suggesting remote initiation a...
EUVD-2025-36227
A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...
CVE-2025-12298 code-projects Simple Food Ordering System editcategory.php cross site scripting
A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...
Code-Projects Simple Food Ordering System 代码注入漏洞
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter pname in the file /editcategory.php, which can be exploit...
PT-2025-43991
Name of the Vulnerable Software and Affected Versions code-projects Simple Food Ordering System version 1.0 Description A security issue exists in code-projects Simple Food Ordering System 1.0. The issue is related to cross site scripting, which can be triggered by manipulating the pname argument...
Code-Projects Simple Food Ordering System 代码注入漏洞
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters pname, category, and price in the file /editproduct.php,...
EUVD-2025-24860
Malicious code in bioql PyPI...
EUVD-2022-38309
Malicious code in bioql PyPI...
CVE-2025-8967
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...
CVE-2025-8967
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...
CVE-2025-8967 itsourcecode Online Tour and Travel Management System packages.php sql injection
A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...