4 matches found
CVE-2023-46785
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the partnerpreference.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2023-30214 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the id parameter of the "partner preference.php" resource does not validate the characters received and they a...
Cross-site Scripting (XSS)
Apache JSPWiki is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization on the user preference page via the UserName variable...
UBUNTU-CVE-2018-7563
An issue was discovered in GLPI through 9.2.1. The application is affected by XSS in the query string to front/preference.php. An attacker is able to create a malicious URL that, if opened by an authenticated user with debug privilege, will execute JavaScript code supplied by the attacker. The...