CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2024/12/31 9:31 p.m.•7 views

CVE-2024-13083 PHPGurukul Land Record System admin-profile.php cross site scripting

A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/admin-profile.php. The manipulation of the argument Admin Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

5.3CVSS6.2AI score0.00129EPSS

Cvelist•added 2024/12/31 9:31 p.m.•17 views

CVE-2024-13083 PHPGurukul Land Record System admin-profile.php cross site scripting

5.3CVSS0.00129EPSS

NVD•added 2024/12/29 6:15 p.m.•11 views

CVE-2024-13018

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/profile.php. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely...

6.1CVSS0.00097EPSS

Vulnrichment•added 2024/12/29 6:0 p.m.•9 views

CVE-2024-13018 PHPGurukul Maid Hiring Management System profile.php cross site scripting

5.1CVSS6AI score0.00097EPSS

CVE•added 2024/12/29 6:0 p.m.•54 views

CVE-2024-13018

PHPGurukul Maid Hiring Management System v1.0 contains a cross-site scripting vulnerability in /admin/profile.php triggered by manipulation of the input parameter (name/argument name). Multiple connected sources confirm the flaw stems from insufficient input validation/filtering, enabling remote ...

6.1CVSS3.5AI score0.00097EPSS

Exploits0References4Affected Software1

Cvelist•added 2024/12/29 6:0 p.m.•15 views

CVE-2024-13018 PHPGurukul Maid Hiring Management System profile.php cross site scripting

5.1CVSS0.00097EPSS

NVD•added 2024/12/10 8:15 p.m.•14 views

CVE-2024-53481

A Cross Site Scripting XSS vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "Firstname" and "Last name" parameters...

6.1CVSS0.00177EPSS

Exploits1References2

Cvelist•added 2024/11/14 4:0 p.m.•16 views

CVE-2024-11214 SourceCodester Best Employee Management System profile.php unrestricted upload

A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument websiteimage leads to unrestricted upload. The attack can be initiated remotely...

5.8CVSS0.00198EPSS

Exploits1References5

CVE•added 2024/11/12 2:31 p.m.•49 views

CVE-2024-11125

GetSimpleCMS 3.3.16 is affected by a cross-site request forgery involving the /admin/profile.php endpoint. The issue’s root cause is related to processing in that file, enabling an attacker to perform CSRF remotely. Multiple sources (NVD, RH Red Hat, OSV, CVE records) corroborate the vulnerabilit...

6.9CVSS4.5AI score0.00191EPSS

Exploits1References4Affected Software1

Cvelist•added 2024/11/12 2:31 p.m.•14 views

CVE-2024-11125 GetSimpleCMS profile.php cross-site request forgery

A vulnerability was found in GetSimpleCMS 3.3.16 and classified as problematic. This issue affects some unknown processing of the file /admin/profile.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and m...

6.9CVSS0.00191EPSS

Cvelist•added 2024/11/04 3:31 p.m.•15 views

CVE-2024-10765 Codezips Online Institute Management System profile.php unrestricted upload

A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument oldimage leads to unrestricted upload. The attack can be initiated remotely. The exploit ha...

6.5CVSS0.00209EPSS

Vulnrichment•added 2024/11/04 3:31 p.m.•11 views

CVE-2024-10765 Codezips Online Institute Management System profile.php unrestricted upload

6.5CVSS7.4AI score0.00209EPSS

CVE•added 2024/10/19 11:31 p.m.•48 views

CVE-2024-10159

Summary of CVE-2024-10159 : The PHPGurukul Boat Booking System 1.0 contains a SQL injection vulnerability in the My Profile Page component, specifically via /admin/profile.php. The vulnerability arises from manipulating parameters such as sadminusername, fullname, emailid, and mobilenumber, enabl...

7.5CVSS7.4AI score0.00092EPSS

Exploits1References5Affected Software1

Cvelist•added 2024/10/15 12:0 a.m.•13 views

CVE-2024-48278

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery CSRF via /edit-profile.php...

0.00232EPSS

Vulnrichment•added 2024/09/26 12:0 a.m.•10 views

CVE-2024-45986

A stored Cross-Site Scripting XSS vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account...

5.5AI score0.00169EPSS

Cvelist•added 2024/09/26 12:0 a.m.•11 views

CVE-2024-45986

0.00169EPSS

GithubExploit•added 2024/09/16 2:5 p.m.•72 views

Exploit for CVE-2024-55271

Gym Management System CVE-2024-55271 A GYM management sys...

3.5CVSS5.9AI score0.00019EPSS

Exploits2

Cvelist•added 2024/05/20 9:31 a.m.•15 views

CVE-2024-5137 PHPGurukul Directory Management System Searchbar admin-profile.php cross site scripting

A vulnerability classified as problematic was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php of the component Searchbar. The manipulation leads to cross site scripting. The attack can be launched...

5.1CVSS3.5AI score0.00129EPSS

Vulnrichment•added 2024/05/20 9:31 a.m.•16 views

CVE-2024-5137 PHPGurukul Directory Management System Searchbar admin-profile.php cross site scripting

5.1CVSS6.2AI score0.00129EPSS