630 matches found
SUSE CVE-2018-14648
A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service...
CVE-2022-45730
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function...
CVE-2022-45730
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function...
Cross site scripting
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function...
Doctor Appointment Management System Cross-Site Scripting Vulnerability
Doctor Appointment Management System is a doctor appointment management system by the individual developer ANUJ KUMAR. A security vulnerability exists in Doctor Appointment Management System version v1.0.0, which originates from cross-site scripting (XSS) and allows an attacker to execute arbitrary...
CVE-2022-45730
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function...
PT-2023-14740 · Unknown · Doctor Appointment Management System
Name of the Vulnerable Software and Affected Versions: Doctor Appointment Management System version 1.0.0 Description: A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function. Recommendations: For Doctor...
CVE-2022-46128
phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=...
SQL Injection in search function
Description: In the search function, with options recentplayed, user input is taken directly into the query without being included in the prepare statement. Proof of Concept: POST /ampache-5.5.6allphp7.4/public/search.php?type=song HTTP/1.1 Host: localhost:8888 User-Agent: Mozilla/5.0...
Sql injection
A vulnerability was found in gmail-servlet and classified as critical. This issue affects the function search of the file src/Model.java. The manipulation leads to sql injection. The identifier of the patch is 5d72753c2e95bb373aa86824939397dc25f679ea. It is recommended to apply a patch to fix thi...
PT-2023-10145 · Unknown · Gmail-Servlet
Name of the Vulnerable Software and Affected Versions: gmail-servlet affected versions not specified Description: A critical issue was found in the function search of the file src/Model.java, which leads to sql injection. Recommendations: At the moment, there is no information about a newer versi...
CVE-2022-45892
In Planet eStream before 6.72.10.07, multiple Stored Cross-Site Scripting (XSS) vulnerabilities exist: Disclaimer, Search Function, Comments, Batch editing tool, Content Creation, Related Media, Create new user, and Change Username...
CVE-2021-4273
A vulnerability classified as problematic was found in studygolang. This vulnerability affects the function Search of the file http/controller/search.go. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the...
Cross site scripting
A vulnerability classified as problematic was found in studygolang. This vulnerability affects the function Search of the file http/controller/search.go. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the...
PT-2022-11671 · Unknown · Studygolang
Name of the Vulnerable Software and Affected Versions: studygolang affected versions not specified Description: A problematic vulnerability was found in studygolang, affecting the Search function of the file http/controller/search.go. The manipulation of the argument q leads to cross-site...
CVE-2021-4273
CVE-2021-4273 affects studygolang’s Search function (http/controller/search.go). Manipulating the q parameter triggers cross‑site scripting, with remote attack potential. A patch is available: 97ba556d42fa89dfaa7737e9cd3a8ddaf670bb23. References point to the GitHub commit/pull and VDB-216478. The...
CVE-2022-41413
perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function...
Cross site request forgery (csrf)
perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function...
CVE-2022-41413
perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function...
perfSONAR Cross-Site Request Forgery Vulnerability
perfSONAR is a widely deployed test and measurement infrastructure used by scientific networks and facilities around the world to monitor and ensure network performance. A security vulnerability exists in perfSONAR versions v4.x through v4.4.5 that stems from the inclusion of cross-site request...