CVE-2024-4684

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /view/examtimetablegradewise.php. The manipulation of the argument exam leads to cross site scripting. It is possible to initiate...

CVE-2024-4678

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /view/findfriends.php. The manipulation of the argument mytype leads to cross site scripting. The...

CVE-2024-4673

A vulnerability, which was classified as problematic, has been found in Campcodes Complete Web-Based School Management System 1.0. Affected by this issue is some unknown functionality of the file /view/showstudentgradesubject.php. The manipulation of the argument id leads to cross site scripting...

CVE-2024-4648

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /view/studentexammarkupdateform.php. The manipulation of the argument stdindex leads to cross site scripting...

The vulnerability of the tutor_instructor_list function in the Tutor LMS plugin for WordPress content management systems allows attackers to perform cross-site scripting attacks.

The vulnerability of the tutorinstructorlist function in the Tutor LMS plugin for WordPress content management systems is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

PT-2024-7375 · Unknown · Форсайт. Аналитическая Платформа

Name of the Vulnerable Software and Affected Versions: Форсайт. Аналитическая платформа affected versions not specified Description: The issue is related to the lack of protection for the web page structure, which can be exploited by a remote attacker to conduct a cross-site scripting XSS attack...

CVE-2024-2391

A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may ...

CVE-2024-27684

A Cross-site scripting XSS vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750A1FWv101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

The vulnerability of the xmlattr template filter in Jinja2, a programming language, allows an attacker to perform XSS attacks.

The vulnerability of the xmlattr filter in the Jinja2 templater relates to the lack of protective measures for website structure. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...

CVE-2024-1031

A vulnerability was found in CodeAstro Expense Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file templates/5-Add-Expenses.php of the component Add Expenses Page. The manipulation of the argument item leads to cross site scripting. The...

CVE-2024-1030

A vulnerability was found in Cogites eReserv 7.7.58. It has been classified as problematic. This affects an unknown part of the file /front/admin/tenancyDetail.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The associated...

Bosch Nexo cordless nutrunner security breach

Bosch Nexo Cordless nutrunner is a series of cordless tightening wrenches with integrated controls from Bosch Germany. A security vulnerability exists in Bosch Nexo cordless nutrunner. The vulnerability allows remote attackers to inject and execute arbitrary client-side scripting code within a...

CVE-2024-0183

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/students.php of the component NIA Office. The manipulation leads to basic cross site scripting. It is possible to initiate the attack...

CVE-2023-6945

A vulnerability has been found in SourceCodester Online Student Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file edit-student-detail.php. The manipulation of the argument notmsg leads to cross site scripting. The attack ca...

CVE-2023-6442

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add-phlebotomist.php. The manipulation of the argument empid/fullname leads to cross site scripting. The...

CVE-2023-6301

A vulnerability has been found in SourceCodester Best Courier Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file parcellist.php of the component GET Parameter Handler. The manipulation of the argument id with the input alert...

PT-2023-32416 · Phpbb · Phpbb

Name of the Vulnerable Software and Affected Versions: phpBB versions up to 3.3.10 Description: A problematic issue has been found in phpBB, affecting the function main of the file phpBB/includes/acp/acp icons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to...

The vulnerability of the Go programming language’s net/html library allows attackers to perform cross-site scripting attacks.

The vulnerability of the net/html library in the Go programming language exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the network management system for monitoring and managing industrial networks in SINEC NMS, related to improper data cleaning in the SNMP configuration, allows a attacker to execute XSS attacks.

The vulnerability of the network management system for monitoring and managing industrial networks in SINEC NMS is related to improper data cleaning in the SNMP configuration. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

CVE-2023-5496

A vulnerability was found in Translator PoqDev Add-On 1.0.11 on Firefox. It has been rated as problematic. This issue affects some unknown processing of the component Select Text Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an...