21 matches found
EUVD-2022-43438
Malicious code in bioql PyPI...
EUVD-2023-33700
Malicious code in bioql PyPI...
CVE-2009-3189
Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter...
Video Gallery < 1.0.11 - Reflected XSS
The plugin does not sanitise and escape the searchterm parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
video carousel slider with lightbox < 1.0.23 - Reflected XSS
The plugin does not sanitise and escape the searchterm parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Online Banking System SQL Injection Vulnerability (CNVD-2022-68372)
Online Banking System is an online banking system developed using PHP and MySQL. v1.0 of Online Banking System has a security vulnerability that originates in the searchterm parameter in the /net-banking/customertransactions.php location. term parameter in /net-banking/customertransactions.php ha...
Online Banking System SQL Injection Vulnerability (CNVD-2022-68373)
Online Banking System is an online banking system developed using PHP and MySQL. v1.0 of Online Banking System contains a security vulnerability that originates in the searchterm parameter in the /net-banking/transactions.php location. injection issue in the searchterm parameter at...
CVE-2022-40120
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/customertransactions.php...
SQL injection
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/transactions.php...
SQL injection
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/customertransactions.php...
CVE-2022-40120
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/customertransactions.php...
RosarioSIS cross-site scripting vulnerability (CNVD-2023-74437)
RosarioSIS is a student information system. It is used to manage students, create reports and make the right decisions. A cross-site scripting vulnerability exists in RosarioSIS version 8.2.1, which stems from a lack of data validation filtering on user-supplied data and output. An attacker can...
RosarioSIS XSS Vulnerability
Reflected cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the searchterm parameter in the modules/Scheduling/Courses.php script...
CVE-2018-16762
FUEL CMS 1.4.1 allows SQL Injection via the layout, published, or searchterm parameter to pages/items...
CVE-2018-15151
SQL injection vulnerability in interface/deidentificationforms/findcodepopup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'searchterm' parameter...
SQL injection
Multiple SQL injection vulnerabilities in Invision Power Board (IPB or IP.Board) 3.0.0, 3.0.1, and 3.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) searchterm parameter to admin/applications/core/modulespublic/search/search.php and (2) aid parameter to...
CVE-2008-0722
Cross-site scripting (XSS) vulnerability in index.php in Pagetool 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter in a pagetoolsearch action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2006-3061
Multiple cross-site scripting (XSS) vulnerabilities in 5 Star Review allow remote attackers to inject arbitrary web script or HTML via the (1) sort parameter in index2.php, (2) itemid parameter in report.php, (3) searchterm parameter aka the "search box" in searchreviews.php, (4) the profile field in...
Cross-site scripting
Cross-site scripting (XSS) vulnerability in searchresult.php in Meeting Reserve 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...
CVE-2006-1399
CVE-2006-1399 describes a cross-site scripting (XSS) vulnerability in the searchresult.php component of Meeting Reserve 1.0 beta. The issue arises when processing the search_term parameter, allowing remote attackers to inject arbitrary web script or HTML. The available documents identify the affe...