6 matches found
CVE-2026-11518
A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be carried out remotely...
EUVD-2026-35068
A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be carried out remotely...
CVE-2026-8136
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and...
EUVD-2025-29659
Malicious code in bioql PyPI...
CVE-2025-10566
CVE-2025-10566 affects Campcodes Grocery Sales and Inventory System 1.0. The vulnerability exploits the page parameter in /index.php?page=users to trigger cross-site scripting, with remote exploitation possible and a publicly available exploit. Affected component is the /index.php?page=users logi...
Jorani 跨站请求伪造漏洞
Jorani is a leave management system. Designed to provide small organizations with a simple workflow for leave and overtime requests. A cross-site request forgery vulnerability exists in Jorani version 1.0, which stems from the /application/controllers/Users.php page not adequately verifying that ...