CVE-2024-5115 Campcodes Complete Web-Based School Management System teacher_profile.php sql injection

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacherprofile.php. The manipulation of the argument index leads to sql injection. The attack can be launched...

CVE-2024-4512 SourceCodester Prison Management System edit-profile.php cross site scripting

A vulnerability classified as problematic was found in SourceCodester Prison Management System 1.0. This vulnerability affects unknown code of the file /Employee/edit-profile.php. The manipulation of the argument txtfullname/txtdob/txtaddress/txtqualification/cmddept/cmdemployeetype/txtappointmen...

CVE-2024-2780 Campcodes Online Marriage Registration System admin-profile.php cross site scripting

A vulnerability was found in Campcodes Online Marriage Registration System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack can be initiated...

CVE-2024-2780

CVE-2024-2780 affects Campcodes Online Marriage Registration System 1.0. A cross-site scripting flaw exists in the admin-profile.php file via the adminname parameter, exploitable remotely. Public disclosure is noted. Red Hat and other sources corroborate the same issue. The root cause is input ha...

CVE-2024-2775 Campcodes Online Marriage Registration System user-profile.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes Online Marriage Registration System 1.0. This issue affects some unknown processing of the file /user/user-profile.php. The manipulation of the argument lname leads to cross site scripting. The attack may be initiat...

CVE-2024-2769 Campcodes Complete Online Beauty Parlor Management System admin-profile.php sql injection

A vulnerability was detected in Campcodes Complete Online Beauty Parlor Management System 1.0. The affected element is an unknown function of the file /admin/admin-profile.php. The manipulation of the argument adminname/email results in sql injection. The attack may be launched remotely. The...

CVE-2024-2719 Campcodes Complete Online DJ Booking System admin-profile.php cross site scripting

A vulnerability classified as problematic has been found in Campcodes Complete Online DJ Booking System 1.0. Affected is an unknown function of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack remotely...

PT-2024-21725

Name of the Vulnerable Software and Affected Versions Campcodes Complete Online DJ Booking System version 1.0 Description A problematic issue has been found in the software. The manipulation of the adminname argument in the file /admin/admin-profile.php leads to cross site scripting. It is possib...

Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file Vulnerability

Exploit Title: Petrol Pump Management Software v.1.0 - Stored Cross Site Scripting via SVG file Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version: 1.0...

CVE-2024-27744

Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component...

CVE-2024-27747

File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component...

CVE-2024-27744

Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component...

CVE-2024-27747

File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component...

GYM MS 1.0 Cross Site Scripting

Exploit Title: GYM MS - GYM Management System - Cross Site Scripting Stored Date: 29/09/2023 Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0 Last Update: 31 August 20...

CVE-2024-1103

A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file profile.php of the component Feedback Form. The manipulation of the argument Your Feedback with the input leads to cross sit...

CVE-2024-1103 CodeAstro Real Estate Management System Feedback Form profile.php cross site scripting

A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file profile.php of the component Feedback Form. The manipulation of the argument Your Feedback with the input leads to cross sit...

CVE-2024-1103 CodeAstro Real Estate Management System Feedback Form profile.php cross site scripting

A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file profile.php of the component Feedback Form. The manipulation of the argument Your Feedback with the input leads to cross sit...

Cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation of the argument fullname/phone/date of birth/address/date of appointment leads to cross site scripting. It is...

CVE-2024-1010

CVE-2024-1010 describes a cross-site scripting vulnerability in SourceCodester Employee Management System 1.0, affecting the edit-profile.php file. The issue arises from manipulating the parameters fullname, phone, date of birth, address, and date of appointment, enabling remote, client-side scri...

CVE-2024-1010 SourceCodester Employee Management System edit-profile.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation of the argument fullname/phone/date of birth/address/date of appointment leads to cross site scripting. It is...