2 matches found
CVE-2025-40638
A reflected Cross-Site Scripting XSS vulnerability has been found in Eventobot. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the 'name' parameter in '/search-results'. This vulnerability can be exploited to steal...
PHPGurukul Online Shopping Portal 安全漏洞
Online Shopping Portal is an online store system. Online Shopping Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the product parameter of search-result.php. An attacker can exploit this vulnerability to execute...