PT-2023-32720 · Unknown · Sourcecodester Simple Student Attendance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Student Attendance System version 1.0 Description: A vulnerability was found in the SourceCodester Simple Student Attendance System, affecting an unknown functionality of the file index.php. The manipulation of the page...

PT-2023-32667 · Zentaopms · Zentaopms

Name of the Vulnerable Software and Affected Versions: ZenTao PMS version 18.8 Description: A problematic vulnerability was found in the software, affecting an unknown functionality, which leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2023-5579

A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /im/user/ of the component User Data Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may...

PT-2023-32045 · Sato · Sato Cl4Nx-J Plus

Name of the Vulnerable Software and Affected Versions: SATO CL4NX-J Plus version 1.13.2-u455 r2 Description: A critical issue affects an unknown functionality of the WebConfig component, leading to improper authentication. The attack must be carried out within the local network. The exploit has...

CVE-2023-5294

A vulnerability has been found in ECshop 4.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/order.php. The manipulation of the argument goodsid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed ...

CVE-2023-3785 PaulPrinting CMS cross site scripting

A vulnerability was found in PaulPrinting CMS 2018. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument firstname/lastname/address/city/state leads to cross site scripting. The attack may be launched remotely. The exploit has be...

CVE-2023-3784

A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched remotely. The...

Intergard SGS 授权问题漏洞

Intergard SGS is a security appliance from Brazilian company Intergard. An authorization issue vulnerability exists in Intergard SGS version 8.7.0, which stems from the presence of unknown functionality in the application, resulting in a privilege issue...

CVE-2023-3318

A vulnerability was found in SourceCodester Resort Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely. The exploit has been...

SourceCodester Resort Management System 跨站脚本漏洞

Sourcecodester Online Resort Management System is an open source web-based application that provides online room reservations and can also be used as a simple website for resorts. A cross-site scripting vulnerability exists in the SourceCodester Resort Management System version 1.0, which stems...

CVE-2023-3145

A vulnerability, which was classified as critical, has been found in SourceCodester Online Discussion Forum Site 1.0. Affected by this issue is some unknown functionality of the file classes\Users.php?f=registration. The manipulation of the argument username leads to sql injection. The attack may...

CVE-2023-2901

A vulnerability was found in NFine Rapid Development Platform 20230511. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /SystemManage/User/GetGridJson?search=false&nd=1680855479750&rows=50&page=1&sidx=FCreatorTime+desc&sord=asc. The...

Sql injection

A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file viewadmin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched...

CVE-2023-2667 SourceCodester Lost and Found Information System cross site scripting

A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/. The manipulation of the argument page leads to cross site scripting. The attack can be launched...

CVE-2023-2210

A vulnerability has been found in Campcodes Coffee Shop POS System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/categories/viewcategory.php. The manipulation of the argument id leads to sql injection. The attack can be launched...

CVE-2023-1683

A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/systemlog.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to t...

UBUNTU-CVE-2023-1452

A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/loadtext.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit...

CVE-2023-1005

A vulnerability was found in JP1016 Markdown-Electron and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to code injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Continious delivery...

CVE-2023-0982

A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Add Class Entry. The manipulation of the argument id leads to sql injection. The attack can be launched...

java-xmlbuilder vulnerable to XML External Entity Reference

A vulnerability was found in java-xmlbuilder up to 1.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to xml external entity reference. Upgrading to version 1.2 is able to address this issue. The name of the patch is...