25 matches found
EUVD-2023-48420
Malicious code in bioql PyPI...
EUVD-2022-46315
Malicious code in bioql PyPI...
CVE-2025-20328
A vulnerability in the user profile component of Cisco Webex Meetings could have allowed an authenticated, remote attacker with low privileges to conduct a cross-site scripting XSS attack against a user of the web-based interface. Cisco has addressed this vulnerability in the Cisco Webex Meetings...
CVE-2025-20328
CVE-2025-20328 affects Cisco Webex Meetings’ user profile component. The issue stems from insufficient validation of user-supplied input, enabling an authenticated, low-privilege attacker to deliver a crafted link that could execute cross-site scripting (XSS) against a targeted user in the web in...
CVE-2025-20328
A vulnerability in the user profile component of Cisco Webex Meetings could have allowed an authenticated, remote attacker with low privileges to conduct a cross-site scripting XSS attack against a user of the web-based interface. Cisco has addressed this vulnerability in the Cisco Webex Meetings...
CVE-2022-43271
Inhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting XSS vulnerability via the User profile component...
Lecms 代码注入漏洞
Lecms is a ten million large data bearing web content management system developed by Lecms Inc. in PHP language. A code injection vulnerability exists in Lecms 3.0.3 and earlier versions, which stems from a cross-site scripting issue with the Edit Profile component in files/admin...
CVE-2024-55103
Online Nurse Hiring System v1.0 was discovered to contain a SQL injection vulnerability in the component /admin/profile.php via the fullname parameter...
E-Insurance 1.0 Cross Site Scripting
Exploit Title: E-INSUARANCE v1.0 - Stored Cross Site Scripting XSS Google Dork: NA Date: 28-03-2024 Exploit Author: Sandeep Vishwakarma Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html Version: v1.0...
E-INSUARANCE v1.0 - Stored Cross Site Scripting (XSS)
Exploit Title: E-INSUARANCE v1.0 - Stored Cross Site Scripting XSS Google Dork: NA Date: 28-03-2024 Exploit Author: Sandeep Vishwakarma Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html Version: v1.0...
Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload Vulnerability
Exploit Title: Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version: 1.0 Tested...
CVE-2024-27744
Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component...
PT-2024-20424 · Unknown · Employee Management System
Name of the Vulnerable Software and Affected Versions: Employee Management System version 1.0 Description: The issue allows a remote attacker to execute arbitrary SQL commands via the txtfullname and txtphone parameters in the "edit profile.php" component. Recommendations: For Employee Management...
Simple and Nice Shopping Cart Script Code Issue Vulnerability
Simple and Nice Shopping Cart Script is simple and nice PHP shopping cart script. A security vulnerability exists in Simple and Nice Shopping Cart Script v.1.0, which originates from a file upload vulnerability. The vulnerability can be exploited to execute arbitrary code via the edit profile...
CVE-2023-44061
File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component...
CVE-2022-43271
Inhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting XSS vulnerability via the User profile component...
Cross site scripting
Inhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting XSS vulnerability via the User profile component...
CVE-2022-43271
Inhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting XSS vulnerability via the User profile component...
The vulnerability of the Profile component in the Oracle iSupport web application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that data.
The vulnerability of the Profile component in the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or delete data usin...
The vulnerability of the Profile component in the Oracle iSupport web application allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Profile component in the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information via the HTTP network protocol...