CVE-2024-50833

A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters...

Anteeo WMS 安全漏洞

Anteeo WMS is a fully functional data center from Anteeo WMS, Inc. A security vulnerability exists in Anteeo WMS versions prior to 4.7.34, which stems from the presence of a SQL injection vulnerability that allows an unauthenticated attacker to execute arbitrary SQL commands via username paramete...

CVE-2024-8471

CVE-2024-8471 concerns a Cross-Site Scripting (XSS) vulnerability in a Job Portal web application. The vulnerability arises from insufficient handling/encryption of user-controlled input in the /jobportal/process.php endpoint, with JOBID and USERNAME parameters being implicated. Exploitation coul...

CVE-2024-45589

RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 improperly restricts excessive authentication attempts and allows a remote attacker to cause a denial of service via the username parameters...

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System v1.0, which originates from a vulnerability to SQL injection attack that allows an attacker to execute arbitrary SQL command...

News Portal Project SQL Injection Vulnerability (CNVD-2021-102010)

News Portal Project is an open source news portal project . News Portal Project in version 3.1, there is a SQL injection vulnerability , the vulnerability stems from the application's category, subcategory, sucatdescription, username parameters lack of validation of external input SQL statements...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in Contenido 4.8.4 allow remote attackers to inject arbitrary web script or HTML via the 1 contenido, 2 Belang, and 3 username parameters...