CVE-2025-14194 code-projects Employee Profile Management System view_personnel.php cross site scripting

A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /viewpersonnel.php. The manipulation of the argument peraddress/drschool/otherschool leads to cross site scripting. The attack may be initiated remotely...

EUVD-2008-6599

Malware in sbrugna...

VulnCheck KEV: CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

PT-2024-38255 · Unknown · Sourcecodester Record Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Record Management System version 1.0 Description: A problematic issue has been found in the system, affecting an unknown part of the file entry.php. The manipulation of the school argument leads to cross-site scripting. It is...

Record Management System 跨站脚本漏洞

Record Management System is a record management system. A cross-site scripting vulnerability exists in Record Management System version 1.0, which stems from the lack of effective filtering and escaping of user-supplied data by parameter school, and can be exploited by an attacker to execute...

CVE-2024-6901

A vulnerability classified as critical has been found in SourceCodester Record Management System 1.0. Affected is an unknown function of the file entry.php. The manipulation of the argument school leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the 1 school and 2 email parameters...

CVE-2008-6637

Multiple cross-site scripting XSS vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the 1 school and 2 email parameters...

CVE-2009-0394

SQL injection vulnerability in login.php in Pre Lecture Exercises PLEs CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter...