SourceCodester Patient Appointment Scheduler System 安全漏洞

The SourceCodester Patient Appointment Scheduler System is an open-source patient appointment scheduling system developed by SourceCodester. Version 1.0 of the SourceCodester Patient Appointment Scheduler System contains a security vulnerability. This vulnerability stems from a remote code...

CVE-2025-6872

A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely...

Online Computer and Laptop Store 跨站脚本漏洞

Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero Personal Developer. A cross-site scripting vulnerability exists in Online Computer and Laptop Store version 1.0, which originates from a cross-site scripting vulnerability in the System Name parameter of the...

CVE-2023-6637

The CAOS | Host Google Analytics Locally plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updatesettings' function in versions up to, and including, 4.7.14. This makes it possible for unauthenticated attackers to update plugin...

CVE-2023-6600 OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. <= 5.7.9 - Missing Authorization to Unauthenticated Directory Deletion and Cross-Site Scripting

The OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. plugin for WordPress is vulnerable to unauthorized modification of data and Stored Cross-Site Scripting due to a missing capability check on the updatesettings function hooked via admininit in all versions up to, and including, 5.7.9. Th...

WordPress Plugin OMGF Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

CVE-2021-38841

Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the systeminfo page in classes/SystemSettings.php with an updatesettings action...

Remote code execution

Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the systeminfo page in classes/SystemSettings.php with an updatesettings action...

CVE-2021-38841

Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the systeminfo page in classes/SystemSettings.php with an updatesettings action...

CVE-2021-38841

CVE-2021-38841 affects Simple Water Refilling Station Management System 1.0. The vulnerability arises in the SystemLogo option on the system_info page, within classes/SystemSettings.php (update_settings action), enabling Remote Code Execution. Connected documents confirm the affected component an...