CVE-2023-4437

A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/searchsellpaymenreport.php. The manipulation of the argument customer leads to sql injection. It is possible to launch the attack...

PT-2023-26526 · Unknown · Phpscriptpoint Insurance

Name of the Vulnerable Software and Affected Versions: phpscriptpoint Insurance version 1.2 Description: A vulnerability was found in the software, classified as problematic. It affects an unknown function of the file /page.php, leading to cross site scripting. The manipulation can be launched...

IBOS SQL注入漏洞

IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which originates from the presence of an unknown function in the file /?r=recruit/resume/edit&op=status in the component Interview Handler, which leads to a sql injection via the...

DedeBIZ 跨站脚本漏洞

DedeBIZ is a content management system from China Muyun Intelligent Technology DedeBIZ company. A cross-site scripting vulnerability exists in DedeBIZ version 6.2.10, which originates from the presence of an unknown function in the file /admin/syssqlquery.php, resulting in cross-site scripting...

CVE-2023-3806

A vulnerability, which was classified as critical, was found in SourceCodester House Rental and Property Listing System 1.0. Affected is an unknown function of the file btnfunctions.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

Hospital Management System SQL注入漏洞

The Hospital Management System HMS is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. A SQL injection vulnerability exists in Hospital Management System version 1.0, which stems from the presence of an unknown functi...

House Rental and Property Listing 代码问题漏洞

House Rental and Property Listing is a system developed in PHP, JavaScript, Bootstrap, CSS and MySQL database. It makes it easy for users to find the right house or property for rent. A code issue exists in SourceCodester House Rental and Property Listing System version 1.0 where a vulnerability...

Campcodes Beauty Salon Management System SQL注入漏洞

Campcodes Beauty Salon Management System is a beauty salon management system from Campcodes, Inc. A SQL injection vulnerability exists in Campcodes Beauty Salon Management System version 1.0, which originates from an unknown function in the file editproduct.php, which results in an sql injection...

Design/Logic Flaw

A vulnerability, which was classified as critical, was found in Intergard SGS 8.7.0. Affected is an unknown function. The manipulation leads to permission issues. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this...

LivelyWorks Articart 输入验证错误漏洞

LivelyWorks Articart is an application from LivelyWorks, Inc. An input validation error vulnerability exists in LivelyWorks Articart version 2.0.1, which stems from the presence of an unknown function in the file /change-language/deDE in the component Base64 Encoding Handler, which causes a...

LivelyWorks Articart 跨站脚本漏洞

LivelyWorks Articart is an application from LivelyWorks, Inc. A cross-site scripting vulnerability exists in LivelyWorks Articart version 2.0.1, which stems from the presence of an unknown function in the file /items/search, leading to cross-site scripting via the parameter searchterm...

PT-2023-25711 · Unknown · Nesote Inout Blockchain Easypayments

Name of the Vulnerable Software and Affected Versions: Nesote Inout Blockchain EasyPayments version 1.0 Description: A critical issue was found in the POST Parameter Handler component of the /index.php/payment/getcoinaddress file. The manipulation of the coinid argument leads to sql injection,...

PT-2023-23362 · Unknown · Sourcecodester Online Discussion Forum Site

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Discussion Forum Site version 1.0 Description: A critical issue has been discovered, allowing for SQL injection through the manipulation of the id argument in an unknown function of the file adminusermanage user.php. Thi...

NFine Rapid Development Platform 加密问题漏洞

NFine Rapid Development Platform is an extremely fast WEB + ORM framework based on C language for NFine individual developers. A security vulnerability exists in NFine Rapid Development Platform, which stems from an unknown function in /Login/CheckLogin that results in a weak hash...

NFine Rapid Development Platform 访问控制错误漏洞

NFine Rapid Development Platform is an extremely fast WEB + ORM framework based on C language for NFine individual developers. NFine Rapid Development Platform suffers from an Access Control Error vulnerability that originates from the presence of an unknown function in...

NFine Rapid Development Platform 安全漏洞

NFine Rapid Development Platform is a C-based, blazing-fast WEB + ORM framework for individual NFine developers. A security vulnerability exists in NFine Rapid Development Platform that originates from /SystemManage/User/GetGridJson?search=false&nd=1680855479750&rows=50&page=1&sidx=F...

cnoa OA 安全漏洞

cona cnoa OA is a collaborative office software from Hipzl cona. A security vulnerability exists in cnoa OA prior to version 5.1.1.5, which originates from the presence of an unknown function in /index.php?app=main&func=passport&action=loginf in the Telnet service component, resulting in the use ...

Weaver E-Office 代码问题漏洞

Weaver E-Office is a collaborative office system from China's Panmicro Technology Weaver. A code issue vulnerability exists in Weaver E-Office version 9.5, which stems from the presence of an unknown function in App/Ajax/ajax.php?action=mobileuploadsave, which leads to unrestricted uploads via th...

KodExplorer 跨站请求伪造漏洞

KodExplorer is a web file manager by warlee personal developer. A cross-site request forgery vulnerability exists in KodExplorer versions prior to 4.49, which stems from the presence of an unknown function that leads to a cross-site request forgery vulnerability. No details of the vulnerability a...

CVE-2023-2220

A vulnerability was found in Dream Technology mica up to 3.0.5. It has been classified as problematic. Affected is an unknown function of the component Form Object Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-226986 is the identifier...