CVE-2024-31395

Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to Ver.3.0.32, Ver.2.11.x series versions prior to Ver.2.11.61, Ver.2.10.x series versions prior to Ver.2.10.53, and Ver.2.9 and earlier versions. If this...

CVE-2023-30280

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page...

PT-2024-35380 · Unknown · Weshacks Github Repository

Name of the Vulnerable Software and Affected Versions: WesHacks GitHub repository versions prior to 17 November 2024 or commit 93dfb83 Description: The issue concerns the presence of links to Leostop, a site potentially hosting malicious injected JavaScript files, in the schedule.html page of the...

CVE-2024-42763

A Reflected Cross Site Scripting XSS vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter...

PT-2024-30133 · Unknown · Kashipara Bus Ticket Reservation System

Name of the Vulnerable Software and Affected Versions: Kashipara Bus Ticket Reservation System version 1.0 Description: A Reflected Cross Site Scripting XSS issue was found in the "/schedule.php" page, which allows remote attackers to execute arbitrary code via the bookingdate parameter. This...

Kashipara Bus Ticket Reservation System 安全漏洞

Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the bookingdate parameter of...

CVE-2023-30280

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page...

CVE-2022-36674

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/viewschedule.php...

PT-2022-18198 · Unknown · Sourcecodester Online Class/Exam Scheduling System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Class and Exam Scheduling System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Online Class and Exam Scheduling System. The issue is related to an unknown function of the file...

lompocathletics.olinesports.com XSS vulnerability

Vulnerable URL: http://lompocathletics.olinesports.com/schedule.php?sport=1"...

lhscubs.olinesports.com XSS vulnerability

Vulnerable URL: http://lhscubs.olinesports.com/schedule.php?sport=1"...

anguillaairservices.com XSS vulnerability

Vulnerable URL: http://www.anguillaairservices.com/schedule/index.php?airport1=1&airport2;=1"...

UBUNTU-CVE-2014-3197

The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a...

Unfixed XSS vulnerability at www.historychannel.com.tr

Security researcher CiCoSz, has submitted on 11/08/2007 a cross-site-scripting XSS vulnerability affecting www.historychannel.com.tr, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/08/2007. It is...