4 matches found
CVE-2026-36388
A Cross-Site Scripting XSS vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker patient to inject a malicious script payload into the User Name parameter, which is stored in the application and...
SUSE CVE-2009-4298
The LAMS module mod/lams for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the 1 username, 2 firstname, and 3 lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors...
PT-2018-10651
Name of the Vulnerable Software and Affected Versions The Olive Tree Ftp Server application version 1.32 Description The issue concerns insecure data storage. Specifically, a username and password are stored in the /data/data/com.theolivetree.ftpserver/shared prefs/com.theolivetree.ftpserver...
Juniper Netscreen Firewall ScreenOS crossite scripting
Persistant crossite scripting with username stored in logs...