6 matches found
CVE-2024-44728
Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact in /clientdetails/admin/regester.php...
CVE-2024-44728
Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact in /clientdetails/admin/regester.php...
CVE-2024-44727
Sourcecodehero Event Management System 1.0 is vulnerable to an SQL Injection via the username parameter in /event/admin/login.php. Documented across multiple feeds; no patch/version fix details are provided in the supplied materials. Exploitation details, impact, and mitigations beyond the generi...
CVE-2024-44728
Affected software : Sourcecodehero Event Management System 1.0. Vulnerability : Stored Cross-Site Scripting (XSS) in the API endpoint "/clientdetails/admin/regester.php" via the parameters Full Name, Address, Email, and contact#. Root cause / details : Publicly documented as an XSS path; the issu...
CVE-2024-44728
Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact in /clientdetails/admin/regester.php...
CVE-2024-44728
Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact in /clientdetails/admin/regester.php...