Lucene search
+L

5 matches found

NVD
NVD
added 2025/11/18 4:15 p.m.10 views

CVE-2025-9977

Value provided in one of POST parameters sent during the process of logging in to Times Software E-Payroll is not sanitized properly, which allows an unauthenticated attacker to perform DoS attacks. SQL injection attacks might also be feasible, although so far creating a working exploit has been...

5.3CVSS0.02158EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.5 views

PHPGurukul Online Banquet Booking System 代码注入漏洞

Online Banquet Booking System is an online banquet booking system. A cross-site scripting vulnerability exists in Online Banquet Booking System, which originates from the userlogin/userpassword parameters not being effectively filtered in the /admin/login.php file. The vulnerability can be...

6.1CVSS6.2AI score0.00464EPSS
Exploits1References7
OSV
OSV
added 2022/05/16 3:15 p.m.2 views

CVE-2022-1089

The Bulk Edit and Create User Profiles WordPress plugin before 1.5.14 does not sanitise and escape the Users Login, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.00577EPSS
Exploits1References1
NVD
NVD
added 2022/03/17 10:15 p.m.17 views

CVE-2021-44088

An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters...

9.8CVSS0.02902EPSS
Exploits1References2
Prion
Prion
added 2022/03/17 10:15 p.m.16 views

Sql injection

An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters...

7.5CVSS9.8AI score0.02902EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder