633 matches found
CVE-2023-31935
CVE-2023-31935 affects Rail Pass Management System v1.0. A Cross Site Scripting vulnerability exists in the emial parameter of admin-profile.php, enabling a remote attacker to obtain sensitive information. The Red Hat, NVD, CVE lists, and related sources in the connected documents confirm the bas...
CVE-2023-31934
CVE-2023-31934 is a Cross-Site Scripting vulnerability affecting Rail Pass Management System v1.0, enabling a remote attacker to exfiltrate sensitive data via the adminname parameter in admin-profile.php. The Red Hat, NVD, CVE list, PRION, CNNVD, and PT-Security entries consistently describe an X...
Cross site scripting
A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack may be...
CVE-2023-3888 Campcodes Beauty Salon Management System admin-profile.php cross site scripting
A vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack may be...
CVE-2023-3874
CVE-2023-3874 affects Campcodes Beauty Salon Management System 1.0. The vulnerability is an SQL injection in an unknown function of the file /admin/admin-profile.php, triggered by manipulating the adminname parameter. It is exploitable remotely, with multiple sources indicating the exploit has b...
PT-2023-26579 · Unknown · Campcodes Beauty Salon Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Beauty Salon Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /admin/admin-profile.php. The manipulation of the adminname argument leads to SQL injection...
CVE-2023-1909
The CVE-2023-1909 entry concerns PHPGurukul BP Monitoring Management System 1.0. The User Profile Update Handler’s profile.php is affected; the issue arises from manipulating the name and mobno arguments, enabling a SQL injection. The vulnerability is exploitable remotely and has been disclosed p...
CVE-2023-1397
A vulnerability classified as problematic has been found in SourceCodester Online Student Management System 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack remotely. The...
Cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Online Student Management System 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2023-1397 SourceCodester Online Student Management System profile.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Online Student Management System 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack remotely. The...
PT-2023-16954 · Sourcecodester · Sourcecodester Online Student Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student Management System version 1.0 Description: A vulnerability has been found in the SourceCodester Online Student Management System. The issue is related to an unknown function of the file profile.php, where the...
KLiK SocialMediaWebsite SQL Injection Vulnerability
KLiK SocialMediaWebsite is a simple PHP-based social media website by Muhammad Saad, a personal developer. KLiK SocialMediaWebsite v1.0.1 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in "profile.php". The vulnerability can be...
CVE-2022-42098
KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php...
SQL injection
KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php...
CVE-2022-42098
The CVE-2022-42098 entry concerns KLiK SocialMediaWebsite v1.0.1 with an SQL Injection vulnerability in profile.php caused by lack of validation of user-supplied SQL. The vulnerability can allow access to database information (high impact per CVSS) with network access and low privileges required;...
PT-2022-26249 · Unknown · Klik Socialmediawebsite
Name of the Vulnerable Software and Affected Versions: KLiK SocialMediaWebsite version v1.0.1 Description: The issue concerns SQL Injection via the profile.php file. Recommendations: For version v1.0.1, consider restricting access to the profile.php file until a patch is available. Avoid using...
CVE-2022-41537
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /useroperations/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...