Cross site scripting

Cross Site Scripting XSS vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the systemSettings.php component...

CVE-2023-38761

Cross Site Scripting XSS vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the systemSettings.php component...

PT-2023-26589 · Churchcrm · Churchcrm

Name of the Vulnerable Software and Affected Versions: ChurchCRM version 5.0.0 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via a crafted payload to the "systemSettings.php" component. This enables the attacker to perform unauthorized actions on...

Cross site scripting

Auto Dealer Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the name parameter at /classes/SystemSettings.php?f=updatesettings...

CVE-2022-3672

A vulnerability, which was classified as problematic, has been found in SourceCodester Sanitization Management System 1.0. This issue affects some unknown processing of the file /php-sms/classes/SystemSettings.php. The manipulation of the argument name/shortname leads to cross site scripting. The...

CVE-2022-3672 SourceCodester Sanitization Management System SystemSettings.php cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester Sanitization Management System 1.0. This issue affects some unknown processing of the file /php-sms/classes/SystemSettings.php. The manipulation of the argument name/shortname leads to cross site scripting. The...

Home Owners Collection Management System Remote Code Execution Vulnerability

Home Owners Collection Management System is a homeowner collection management system. A remote code execution vulnerability exists in Home Owners Collection Management System, which originates from a parameter cover via SystemSettings.php. The remote code execution RCE vulnerability is caused by ...

CVE-2022-25094

Home Owners Collection Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via the parameter "cover" in SystemSettings.php...

CVE-2022-25094

Home Owners Collection Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via the parameter "cover" in SystemSettings.php...

CVE-2022-25094

CVE-2022-25094 affects Home Owners Collection Management System v1.0. The vulnerability is a remote code execution (RCE) caused by handling of the cover parameter in SystemSettings.php, allowing an attacker to execute code on the vulnerable system. Multiple connected advisories and vendors corrob...

Home Owners Collection Management System 安全漏洞

Home Owners Collection Management System is a homeowner collection management system. A remote code execution vulnerability exists in Home Owners Collection Management System, which originates from a parameter cover via SystemSettings.php. The remote code execution RCE vulnerability is caused by ...

CVE-2021-46428

A Remote Code Execution RCE vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 and previous versions via the botavatar parameter in SystemSettings.php...

Remote code execution

A Remote Code Execution RCE vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 and previous versions via the botavatar parameter in SystemSettings.php...

CVE-2021-46428

CVE-2021-46428 affects Sourcecodester Simple Chatbot Application 1.0 (and earlier versions). The vulnerability is an RCE exposed via the bot_avatar parameter in SystemSettings.php, enabling remote code execution. The available sources indicate a high-severity impact with network access and no aut...

CVE-2021-38841

Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the systeminfo page in classes/SystemSettings.php with an updatesettings action...

Remote code execution

Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the systeminfo page in classes/SystemSettings.php with an updatesettings action...

CVE-2021-38841

Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the systeminfo page in classes/SystemSettings.php with an updatesettings action...

CVE-2021-38841

CVE-2021-38841 affects Simple Water Refilling Station Management System 1.0. The vulnerability arises in the SystemLogo option on the system_info page, within classes/SystemSettings.php (update_settings action), enabling Remote Code Execution. Connected documents confirm the affected component an...

Patient Appointment Scheduler System 1.0 Cross Site Scripting

Exploit Title: Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...

Patient Appointment Scheduler System 1.0 - Persistent / Stored XSS Exploit

Exploit Title: Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link: https://www.sourcecodester.com/download-code?nid=1492...