Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/takeaction.php?id=. id: CVE-2022-31984 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...

PT-2025-27455 · Unknown · String-Math

Name of the Vulnerable Software and Affected Versions: string-math version 1.2.2 Description: The issue is a Regex Denial of Service ReDoS that can be exploited via a crafted input. Recommendations: For string-math version 1.2.2, consider validating and sanitizing all inputs to prevent crafted...

Cross-Site Scripting (XSS)

ssddanbrown/bookstack is vulnerable to cross-site scripting XSS. Lack of validation and sanitization allows a remote attacker to inject and execute arbitrary Javascript in a user's browser via the comments...

Elastix 2.4.0 Stable XSS / CSRF / Command Execution

Title: Elastix Multiple vulnerabilities Remote Command Execution, XSS, CSRF Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered: September 1 2014 Published: October 17 2014 MorXploit Research http://www.MorXploit.com Software: Elastix Version: Elastix 2.4.0 Stable Vendor url:...