CVE-2023-0732

A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is the function registration of the file oews/classes/Users.php of the component POST Request Handler. The manipulation of the argument...

CVE-2023-0686

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function updatecart of the file /oews/classes/Master.php?f=updatecart of the component HTTP POST Request Handler. The manipulation of the argument cartid leads to sql injectio...

Sql injection

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function updatecart of the file /oews/classes/Master.php?f=updatecart of the component HTTP POST Request Handler. The manipulation of the argument cartid leads to sql injectio...

PT-2023-33052 · Unknown · Requesthandlercomponent

Name of the Vulnerable Software and Affected Versions: RequestHandlerComponent affected versions not specified Description: The issue allows well-crafted requests to create a denial of service attack. It is related to the use of Xml::build, which enables reading local files. Recommendations: For...

PT-2023-14795 · Opentext · Opentext Content Suite Platform

Name of the Vulnerable Software and Affected Versions: OpenText Content Suite Platform version 16.2.19.1803 Description: An issue was discovered where the request handler for ll.KeepAliveSession sets a valid AdminPwd cookie even when the Web Admin password was not entered. This allows access to...

The Gribbit Web Framework 访问控制错误漏洞

The Gribbit Web Framework is a new ultra-safe, ultra-simple, ultra-fast framework from Luke Hutchison's personal developer. It is used to build complex web applications using Java and other JVM languages. A security vulnerability exists in The Gribbit Web Framework, which originates in the functi...

PT-2023-10141 · Lukehutch · Gribbit

Name of the Vulnerable Software and Affected Versions: lukehutch Gribbit affected versions not specified Description: A problematic issue was found in lukehutch Gribbit, affecting the messageReceived function of the file src/gribbit/request/HttpRequestHandler.java. This issue leads to missing...

CVE-2022-4275

A vulnerability has been found in House Rental System and classified as critical. Affected by this vulnerability is an unknown functionality of the file search-property.php of the component POST Request Handler. The manipulation of the argument searchproperty leads to sql injection. The attack ca...

CVE-2022-4276

A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument idphoto leads to unrestricted upload. The attack may be launched...

Sql injection

A vulnerability has been found in House Rental System and classified as critical. Affected by this vulnerability is an unknown functionality of the file search-property.php of the component POST Request Handler. The manipulation of the argument searchproperty leads to sql injection. The attack ca...

House Rental System 代码问题漏洞

House Rental System is a rental management system that allows you to add, modify and delete listings and to place reservations. A security vulnerability exists in House Rental System due to unknown functionality in the component POST request handler file tenant-engine.php, where the operation of...

Cross site scripting

A vulnerability, which was classified as problematic, was found in Movie Ticket Booking System. Affected is an unknown function of the component POST Request Handler. The manipulation of the argument ORDERID leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

Movie Ticket Booking System 跨站脚本漏洞

Movie Ticket Booking System is a movie ticket booking system by the individual developer Aman sharma. A security vulnerability exists in Movie Ticket Booking System, which stems from a problem with the unknown functionality of the component POST Request Handler, where manipulation of the paramete...

CVE-2022-4249

CVE-2022-4249 affects the Movie Ticket Booking System. Affected component: POST Request Handler. Root cause: manipulation of the ORDER_ID argument leads to a Cross-Site Scripting (XSS) vulnerability. Impact: allows remote exploitation; attacker can inject script via ORDER_ID. Public exploit/usage...

CVE-2022-4249 Movie Ticket Booking System POST Request cross site scripting

A vulnerability, which was classified as problematic, was found in Movie Ticket Booking System. Affected is an unknown function of the component POST Request Handler. The manipulation of the argument ORDERID leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

PT-2022-26456 · Unknown · Movie Ticket Booking System

Name of the Vulnerable Software and Affected Versions: Movie Ticket Booking System affected versions not specified Description: A problematic issue was found in the Movie Ticket Booking System, affecting an unknown function of the component POST Request Handler. The manipulation of the ORDER ID...

CVE-2022-4222

A vulnerability was found in SourceCodester Canteen Management System. It has been rated as critical. This issue affects the function query of the file ajaxinvoice.php of the component POST Request Handler. The manipulation of the argument search leads to sql injection. The attack may be initiate...

CVE-2022-4222

A vulnerability was found in SourceCodester Canteen Management System. It has been rated as critical. This issue affects the function query of the file ajaxinvoice.php of the component POST Request Handler. The manipulation of the argument search leads to sql injection. The attack may be initiate...

CVE-2022-4222

CVE-2022-4222 affects SourceCodester Canteen Management System. The vulnerability exists in the POST Request Handler’s function ajax_invoice.php, where manipulation of the parameter that accepts the search value enables a SQL injection. Remote exploitation is suggested by the description. Public ...

drachtio-server 资源管理错误漏洞

drachtio-server is a SIP server built on the sofia SIP stack by drachtio open source. drachtio drachtio-server version 0.8.18 is vulnerable to a memory misquoting vulnerability that stems from the request-handler.cpp component receiving requests when the event The cb instruction responsible for...