WordPress plugin Visual Footer Credit Remover 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-22444 · WordPress · Visual Footer Credit Remover

Name of the Vulnerable Software and Affected Versions: Visual Footer Credit Remover plugin for WordPress versions up to, and including, 2 Description: The issue allows authenticated attackers with administrator-level access to inject arbitrary web scripts in pages via the selector parameter due t...

Church Management System SQL注入漏洞

Church Management System is a church management system. A SQL injection vulnerability exists in version 1.0 of Church Management System, which originates from a SQL injection vulnerability in the selector parameter of the /admin/deletelog.php file...

PT-2024-26459 · Unknown · Campcodes Church Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Church Management System version 1.0 Description: A critical issue has been found in the system, affecting the /admin/delete log.php file. The manipulation of the selector argument leads to SQL injection. This issue can be exploited...

Online Courseware SQL注入漏洞

DPEC Online Courseware is an online courseware system from DPEC Corporation. A SQL injection vulnerability exists in version 1.0 of Online Courseware, which originates in the selector parameter of the admin/deactivateteach.php file and can be exploited for SQL injection attacks...

Online Courseware SQL注入漏洞

DPEC Online Courseware is an online courseware system from DPEC Corporation. A SQL injection vulnerability exists in version 1.0 of Online Courseware, which originates in the selector parameter of the admin/deactivatestud.php file and can be exploited for SQL injection attacks...

PT-2024-25757 · Sourcecodester · Sourcecodester Online Courseware

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Courseware version 1.0 Description: A critical issue affects the processing of the file admin/activateteach.php, where the manipulation of the selector argument leads to SQL injection. The attack can be initiated remotel...

Online Courseware SQL注入漏洞

DPEC Online Courseware is an online courseware system from DPEC Corporation. A SQL injection vulnerability exists in version 1.0 of Online Courseware, which originates from the selector parameter in the admin/activateall.php file and can be exploited for SQL injection attacks...

PT-2024-25743 · Sourcecodester · Sourcecodester Online Courseware

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Courseware version 1.0 Description: A critical issue has been found in the software, affecting the file admin/deactivatestud.php. The manipulation of the selector argument leads to SQL injection. This issue can be...

PT-2024-25728 · Unknown · Sourcecodester Online Courseware

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Courseware version 1.0 Description: A critical issue was found in the software, affecting an unknown function of the file admin/deactivateteach.php. The manipulation of the selector argument leads to SQL injection. It is...

PT-2024-21393 · Unknown · Klik Socialmediawebsite

Name of the Vulnerable Software and Affected Versions: KLiK SocialMediaWebsite version 1.0.1 Description: A reflected cross-site scripting XSS vulnerability may allow remote attackers to execute arbitrary JavaScript in the web browser of a user. This can be achieved by including a malicious paylo...

CVE-2023-38876

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'...

PT-2023-26655 · Unknown · Php-Login-System

Name of the Vulnerable Software and Affected Versions: PHP-Login-System version 2.0.1 Description: A reflected cross-site scripting XSS issue allows remote attackers to execute arbitrary JavaScript in a user's web browser. This is achieved by including a malicious payload into the selector...