34 matches found
CVE-2019-25542
Netartmedia Real Estate Portal 5.0 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the useremail parameter. Attackers can send POST requests to index.php with malicious payloads in the useremail field to...
Netartmedia Real Estate Portal SQL注入漏洞
Netartmedia Real Estate Portal is a real estate transaction website system operated by the Bulgarian company Netartmedia. Version 5.0 of Netartmedia Real Estate Portal has a SQL injection vulnerability. This vulnerability stems from the useremail parameter, which allows for SQL injections,...
CVE-2024-44653
Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the useremail parameter in userlogin.php...
CVE-2024-44653
Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the useremail parameter in userlogin.php...
CVE-2024-44653
Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the useremail parameter in userlogin.php...
EUVD-2006-1538
Malware in sbrugna...
EUVD-2007-5086
Malware in sbrugna...
EUVD-2022-39286
Malicious code in bioql PyPI...
EUVD-2024-49206
Malicious code in bioql PyPI...
EUVD-2023-49334
Malicious code in bioql PyPI...
EUVD-2021-33135
Malicious code in bioql PyPI...
Web-Based Internet Laboratory Management System login.php File SQL Injection Vulnerability
Web-Based Internet Laboratory Management System is a web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from the lack of validation of externally entered SQL statements in the parameter useremail in the file login.php...
CVE-2024-42770
A Stored Cross Site Scripting XSS vulnerability was found in "/core/signupuser.php" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via the "useremail" parameter...
CVE-2024-8473
Cross-Site Scripting XSS vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through useremail parameter in /jobportal/admin/login.php...
CVE-2024-8473 SQL injection vulnerability in Job Portal
Cross-Site Scripting XSS vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through useremail parameter in /jobportal/admin/login.php...
CVE-2024-8473 SQL injection vulnerability in Job Portal
Cross-Site Scripting XSS vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through useremail parameter in /jobportal/admin/login.php...
Kashipara Hotel Management System Cross-Site Scripting Vulnerability
Kashipara Hotel Management System is a hotel management system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Hotel Management System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the useremail parameter of...
Kashipara Hotel Management System 安全漏洞
Kashipara Hotel Management System is a hotel management system from Kashipara. A cross-site scripting vulnerability exists in Kashipara Hotel Management System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the useremail parameter of...
CVE-2024-42770
A Stored Cross Site Scripting XSS vulnerability was found in "/core/signupuser.php" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via the "useremail" parameter...
CVE-2024-42770
CVE-2024-42770 affects Kashipara Hotel Management System v1.0. A Stored XSS exists in /core/signup_user.php via the user_email parameter, enabling an attacker to inject scripts executed in the victim’s browser. The CVSSv3.1 base score is 4.7 (Network attack, low complexity, no privileges, user in...