CVE-2026-36324

SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting XSS due to improper handling of user supplied input in the user registration functionality in register.php...

CVE-2025-14566 kidaze CourseSelectionSystem reg.php sql injection

A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The impacted element is an unknown function of the file /Profilers/SProfile/reg.php. Performing a manipulation of the argument USN results in sql injection. It is possible to initia...

CVE-2020-22818

MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter...

CVE-2024-7700

A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. This flaw allows an attacker with the necessary privileges to inject arbitrary commands into the configuration, potentially allowing...

CVE-2024-7700 Foreman: command injection in "host init config" template via "install packages" field on foreman

A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. This flaw allows an attacker with the necessary privileges to inject arbitrary commands into the configuration, potentially allowing...

Online Polling SQL注入漏洞

Online Polling is an online polling system for Fabian Ros individual developers. A SQL injection vulnerability exists in Online Polling version 1.0, which is caused by an SQL injection vulnerability in the email parameter of the registration component of the registeracc.php file...

PT-2023-29138 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: process registration.php affected versions not specified Description: The issue concerns the 'phone' parameter of the process registration.php resource, which does not validate the characters received. As a result, these characters are sent...

Usoc SQL注入漏洞

Usoc is a useful and simple open source Cms by Aaron Junker, an individual developer in Switzerland. USOC suffers from a security vulnerability that stems from USOC's lack of effective filtering and escaping for SQL statements in register.php. In particular, the user-supplied username, e-mail...

Vulnerabilities in CMS SiteEdit

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting уязвимостях в CMS SiteEdit. XSS: В скрипте thanks в параметрах formobjemail, formobjmessage, formobjedit, formobjname, formobjcompany, formobjjobtitle, formobjsite, formobjaddress, formobjtelephone, formobjimg, formobjGoTo,...