Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2023/10/31 9:9 p.m.17 views

CVE-2023-44484 Online Blood Donation Management System v1.0 - Stored Cross-Site Scripting (XSS)

Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php...

6.1CVSS6AI score0.0009EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2023/10/31 12:0 a.m.3 views

PT-2023-29263 · Unknown · Online Blood Donation Management System

Name of the Vulnerable Software and Affected Versions: Online Blood Donation Management System version 1.0 Description: The issue concerns multiple Store Cross-Site Scripting vulnerabilities. The address parameter of the "users/register.php" endpoint is vulnerable, as its input is copied into the...

6.3AI score
Exploits0References4
Prion
Prionadded 2014/04/01 3:25 a.m.18 views

Sql injection

Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the 1 newsid parameter to news/send.php, 2 threadid parameter to posts/edit.php, or 3 useremail parameter to users/password.php or 4 users/register.php. NOTE: these issues were SPLIT...

7.5CVSS8.9AI score0.05438EPSS
Exploits7References7Affected Software1
Prion
Prionadded 2014/04/01 3:24 a.m.14 views

Sql injection

Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the 1 answerid or 2 questionid parameter to polls/vote.php, 3 storyid parameter to comments/add.php or 4 comments/edit.php, or 5 threadid parameter to posts/add.php. NOTE: this issue...

7.5CVSS8.8AI score0.05438EPSS
Exploits7References4Affected Software1
NVD
NVDadded 2007/12/15 1:46 a.m.11 views

CVE-2007-6374

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 users/register.php or 2 search/index.php, or an editcomments action in 3 wiki/index.php or 4 forums/index.php. NOTE: the error...

4.3CVSS5.7AI score0.00904EPSS
Exploits1References9
CVE
CVEadded 2007/12/15 1:0 a.m.48 views

CVE-2007-6374

CVE-2007-6374 concerns multiple XSS flaws in Bitweaver 2.0.0 and earlier, exploitable via PATH_INFO in four endpoints: /users/register.php, /search/index.php, /wiki/index.php (editcomments action), and /forums/index.php. The vulnerability allows remote attackers to inject arbitrary script or HTML...

4.3CVSS5.7AI score0.00904EPSS
Exploits1References9Affected Software1
Cvelist
Cvelistadded 2007/12/15 1:0 a.m.15 views

CVE-2007-6374

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 users/register.php or 2 search/index.php, or an editcomments action in 3 wiki/index.php or 4 forums/index.php. NOTE: the error...

5.7AI score0.00904EPSS
Exploits1References9
Rows per page
Query Builder