10 matches found
Student Information System register.php Cross-Site Scripting Vulnerability
Student Information System is a student information system. The Student Information System suffers from a cross-site scripting vulnerability that stems from the mishandling of user input by an unspecified functional component in the /register.php file. An attacker can exploit this vulnerability b...
chromium-browser: CSP bypass in unspecified component
core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image from an unintended source...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to inject arbitrary web script or HTML via the accountNum parameter to an unspecified component...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Corporater EPM Suite allows remote attackers to inject arbitrary web script or HTML via the customerId parameter to an unspecified component...
Cross site scripting
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote attackers to inject arbitrary web script or HTML via the reportType parameter to an unspecified component...
CVE-2008-7030
Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be...
CVE-2008-4408
Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, and possibly other versions before 1.13.2 allows remote attackers to inject arbitrary web script or HTML via the useskin parameter to an unspecified component...
Directory traversal
Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified component...
CVE-2007-5465
Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified component...
SQL injection
SQL injection vulnerability in Coppermine Photo Gallery (CPG) before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component...