44 matches found
CVE-2026-1147
A vulnerability was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This affects an unknown part of the file /php/apipatientschedule.php. Performing a manipulation of the argument Reason results in cross site scripting. It is possible to initiate the attac...
CVE-2026-1147
A vulnerability was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This affects an unknown part of the file /php/apipatientschedule.php. Performing a manipulation of the argument Reason results in cross site scripting. It is possible to initiate the attac...
CVE-2026-1147
A vulnerability was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This affects an unknown part of the file /php/apipatientschedule.php. Performing a manipulation of the argument Reason results in cross site scripting. It is possible to initiate the attac...
CVE-2026-1147 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System api_patient_schedule.php cross site scripting
A vulnerability was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This affects an unknown part of the file /php/apipatientschedule.php. Performing a manipulation of the argument Reason results in cross site scripting. It is possible to initiate the attac...
PT-2026-3430
A vulnerability was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This affects an unknown part of the file /php/api patient schedule.php. Performing a manipulation of the argument Reason results in cross site scripting. It is possible to initiate the...
SourceCodester: Patients Waiting Area Queue Management System – Code Injection Vulnerability
The SourceCodester Patients Waiting Area Queue Management System is an open-source system developed by SourceCodester for managing patient waiting queues. Version 1.0 of the SourceCodester Patients Waiting Area Queue Management System contains a code injection vulnerability. This vulnerability...
EUVD-2024-52723
Malicious code in bioql PyPI...
CVE-2024-6453
A vulnerability was found in itsourcecode Farm Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /quarantine.php?id=3. The manipulation of the argument pigno/breed/reason leads to sql injection. The attack can be launch...
CVE-2024-54998
MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:id/debts/create...
CVE-2021-42662
A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to...
CVE-2024-54998
MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:id/debts/create...
CVE-2024-54998
MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:id/debts/create...
CVE-2024-54998
MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:id/debts/create...
MonicaHQ 安全漏洞
MonicaHQ is a relationship management system from MonicaHQ, Inc. A security vulnerability exists in MonicaHQ version v4.1.2 that stems from the Reason parameter containing authenticated client-side injection...
Online Food Ordering System 跨站脚本漏洞
Online Food Ordering System is an online food ordering system. A cross-site scripting vulnerability exists in Online Food Ordering System, which originates from the lack of effective filtering and escaping of user-supplied data by the parameter Reason of some unknown functions of the component...
Human Resource Management System 安全漏洞
Human Resource Management System is a human resource management system by maverickosama Personal Developer. A security vulnerability exists in Human Resource Management System version 1.0, which is a cross-site scripting vulnerability due to misuse of the parameter Reason...
The vulnerability of the “Holiday reason” parameter in the online event booking system SourceCodester, which allows a perpetrator to execute JavaScript commands on behalf of a user on the web server
The vulnerability of the “Holiday reason” parameter in the online event booking system SourceCodester exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute JavaScript commands on behalf of a user on the web...
CVE-2021-42662
A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to...
DragonByte Technologies vbActivity for vBulletin Cross-Site Scripting Vulnerability
DragonByte Technologies vbActivity for vBulletin is a module with polling and rating functionality for vBulletin, an open source commercial web forum program from DragonByte Technologies, Scotland. A cross-site scripting vulnerability exists in DragonByte Technologies vbActivity for vBulletin...
CVE-2012-6670
Multiple cross-site scripting XSS vulnerabilities in the DragonByte Technologies vbActivity module before 3.0.1 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the reason parameter in 1 actions/nominatemedal.php or 2 actions/requestmedal.php...