Cross site scripting

A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /listplace/user/ticket/create of the component HTTP POST Request Handler. The manipulation of the argument message leads...

CVE-2023-3827

CVE-2023-3827 affects Bug Finder Listplace Directory Listing Platform 3.0. The vulnerability is in the HTTP POST Request Handler, specifically the /listplace/user/ticket/create endpoint, where manipulating the message argument leads to cross-site scripting. The attack is described as potentially ...

CVE-2023-3793

A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...

CVE-2023-3793 Weaver e-cology HTTP POST Request filelFileDownloadForOutDoc.class sql injection

A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...

CVE-2023-3793

CVE-2023-3793 affects Weaver e-cology, targeting the HTTP POST Request Handler's filelFileDownloadForOutDoc.class. The root cause is a SQL injection triggered by manipulating the fileid argument with input like 1+WAITFOR+DELAY. This leads to high-severity impact and is described across multiple s...

CVE-2023-3783

A vulnerability was found in Webile 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP POST Request Handler. The manipulation of the argument newfilename/c leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

PT-2023-26133 · Webile · Webile

Name of the Vulnerable Software and Affected Versions: Webile version 1.0.1 Description: A vulnerability was found in the HTTP POST Request Handler component. The manipulation of the new file name/c argument leads to cross-site scripting. It is possible to launch the attack remotely. The exploit...

Webile 跨站脚本漏洞

webileapps Webile is an application from webileapps, Inc. A cross-site scripting vulnerability exists in Webile version 1.0.1, which stems from the parameter newfilename/c of the component HTTP POST Request Handler can lead to cross-site scripting...

CVE-2023-3680

A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=saveitem of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...

CVE-2023-3679

A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=saveinquiry of the component HTTP POST Request Handler. The manipulation of the argument id lead...

CVE-2023-3680

A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=saveitem of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...

CVE-2023-3678 SourceCodester AC Repair and Services System HTTP POST Request sql injection

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deleteinquiry of the component HTTP POST Request Handler. The manipulation of the argument ...

CVE-2023-3658

A vulnerability, which was classified as critical, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file Master.php?f=deletebook of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...

CVE-2023-3658

CVE-2023-3658 affects SourceCodester AC Repair and Services System 1.0, specifically the HTTP POST Request Handler in Master.php?f=delete_book. The vulnerability arises from unsafely manipulating the id parameter, leading to SQL injection that can be exploited remotely. Reports indicate a critica...

CVE-2023-3657

A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0. This issue affects some unknown processing of the file Master.php?f=savebook of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injectio...

Sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0. This issue affects some unknown processing of the file Master.php?f=savebook of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injectio...

PT-2023-25624 · Sourcecodester · Sourcecodester Ac Repair/Services System

Name of the Vulnerable Software and Affected Versions: SourceCodester AC Repair and Services System version 1.0 Description: A critical issue has been found in the processing of the file Master.php?f=save book of the component HTTP POST Request Handler. The manipulation of the id argument leads t...

PT-2023-25625 · Sourcecodester · Ac Repair/Services System

Name of the Vulnerable Software and Affected Versions: SourceCodester AC Repair and Services System version 1.0 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file Master.php?f=delete book. The manipulation of the id argument leads to sql...

CVE-2023-3642

A vulnerability was found in GZ Scripts Vacation Rental Website 1.8 and classified as problematic. Affected by this issue is some unknown functionality of the file /VacationRentalWebsite/property/8/ad-has-principes/ of the component HTTP POST Request Handler. The manipulation of the argument...

Cross site scripting

A vulnerability has been found in khodakhah NodCMS 3.4.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /en/blog-comment-4 of the component POST Request Handler. The manipulation of the argument commentname/commentcontent leads to cross site...