CVE-2026-9564

A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/viewpatient. Performing a manipulation of the argument Remarks results in cross site scripting. Remote exploitation ...

CVE-2025-13349

A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack ...

CVE-2024-42939

A cross-site scripting XSS vulnerability in the component /index/index.html of YZNCMS v1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the configured remarks text field...

CVE-2024-35583

A cross-site scripting XSS vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field...

PT-2024-26560 · Sourcecodester · Sourcecodester Computer Laboratory Management System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Laboratory Management System version 1.0 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field. Recommendations: For...

Laboratory Management System 安全漏洞

Laboratory Management System is a laboratory management system by oretnom23 individual developer. A security vulnerability exists in Laboratory Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into...

CVE-2024-31544

A stored cross-site scripting XSS vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrowername”, “facultydepartment” parameters in /classes/Master.php?f=saverecord...

Event Registration App 安全漏洞

Event Registration App is a JavaScript application for registering event participants by Carlo Montero Personal Developer. A CSV injection vulnerability exists in Carlo Montero Event Registration App v1.0, which stems from improper use of the formula elements of the First Name, Contact, and Remar...

Wedding Hall Booking System 跨站脚本漏洞

Wedding Hall Booking System is a simple PHP-titled wedding hall booking system by the individual developer Carlo Montero. Wedding Hall Booking System suffers from a cross-site scripting vulnerability that stems from the manipulation of the parameter Remarks by an unknown function of the Booking...

CVE-2020-36011

A cross-site scripting XSS issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field...

Cross site scripting

A cross-site scripting XSS issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field...