85 matches found
CVE-2024-7936
A vulnerability classified as critical has been found in itsourcecode Project Expense Monitoring System 1.0. This affects an unknown part of the file transferredreport.php. The manipulation of the argument start/end/employee leads to sql injection. It is possible to initiate the attack remotely...
itsourcecode Project Expense Monitoring System SQL注入漏洞
itsourcecode Project Expense Monitoring System is a project expense monitoring system from itsourcecode, Inc. A SQL injection vulnerability exists in itsourcecode Project Expense Monitoring System version 1.0, which stems from operations on the parameters start/end/employee that result in SQL...
CVE-2024-33980
Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/printreport.php'...
CVE-2024-33981
Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/index.php'...
CVE-2024-33981
Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/index.php'...
CVE-2024-33980
Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/printreport.php'...
CVE-2024-33981 Cross-site Scripting in Janobe products
Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/index.php'...
CVE-2024-33980 Cross-site Scripting in Janobe products
Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/printreport.php'...
CVE-2024-33980 Cross-site Scripting in Janobe products
Cross-Site Scripting XSS vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/modreports/printreport.php'...
PT-2024-25613 · Paypal · Paypal
Name of the Vulnerable Software and Affected Versions: PayPal, Credit Card and Debit Card Payment version 1.0 Description: A Cross-Site Scripting XSS issue allows an attacker to create a specially crafted URL and send it to a victim to obtain details of their session cookie via the start paramete...
PayPal,Credit Card and Debit Card Payment 跨站脚本漏洞
PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe Personal Developer. A cross-site scripting vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can create a specially crafted URL and send it to the...
SQL Injection
silverstripe/framework is vulnerable to SQL injection. The vulnerability is due to the 'start' querystring parameter not being safely escaped, which exposes a possible SQL injection risk...
HSC Cybersecurity HC Mailinspector 安全漏洞
HSC Cybersecurity HC Mailinspector is a cloud email security solution from HSC Cybersecurity. A security vulnerability exists in HSC Cybersecurity HC Mailinspector versions 5.2.17-3 through 5.2.18. A remote attacker can exploit this vulnerability to obtain sensitive information about the start an...
PT-2024-24537 · Hsc Cybersecurity · Hc Mailinspector
Name of the Vulnerable Software and Affected Versions: HSC Cybersecurity HC Mailinspector versions 5.2.17-3 through 5.2.18 Description: The issue allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameters in the "mliWhiteList.php" component...
Vyper 安全漏洞
Vyper is the Pythonic smart contract language for EVM. A security vulnerability exists in Vyper 0.3.10 and earlier versions, which stems from when the buffer parameters are msg.data, self.code, .code, start, length...
CVE-2023-33481
RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php...
Sql injection
RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php...
CVE-2023-33481
RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection in the 'start' parameter of patients/index.php. The issue stems from improper handling of user input in that endpoint, enabling an attacker to infer data via time-based responses. Impact is described as high/confidentiality, integ...
Saad Irfan RemoteClinic Security Vulnerability
Saad Irfan RemoteClinic is a Saad Irfan open source application. Provides the ability to remotely manage your clinic via the Web. A security vulnerability exists in Saad Irfan RemoteClinic version 2.0, which stems from a SQL injection vulnerability in the parameter start of the file...
The vulnerability of the WanDynamicIpV6CfgRpm component (/userRpm/WanDynamicIpV6CfgRpm.htm) in the TP-Link TL-WR940N router software allows a attacker to cause a service failure.
The vulnerability of the WanDynamicIpV6CfgRpm component /userRpm/WanDynamicIpV6CfgRpm.htm of the TP-Link TL-WR940N router software is related to the issue where an operation outside the buffer is performed when processing the ipStart parameter. Exploiting this vulnerability allows a remote attack...