CVE-2023-5260

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Membership System 1.0. This issue affects some unknown processing of the file groupvalidator.php. The manipulation of the argument clubid leads to sql injection. The attack may be initiated remotely. The...

PT-2023-31982 · Sourcecodester · Sourcecodester Simple Membership System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Membership System version 1.0 Description: A critical issue has been found in the processing of the file group validator.php, where the manipulation of the club id argument leads to SQL injection. The attack can be...

Simple Membership System SQL Injection Vulnerability

Simple Membership System is a simple membership system by Razormist Personal Developer. A SQL injection vulnerability exists in Simple Membership System version 1.0, which stems from the parameter clubid in the file groupvalidator.php that can lead to sql injection...

Remote Code Execution

pgadmin4 is vulnerable to Remote Code Execution. The vulnerability is caused by a missing validation in the pgAdmin server HTTP API - validatebinarypath that is used to validate the path a user selects to external PostgreSQL utilities such as pgdump and pgrestore. This can result in an...

validator (>=0.6.1 <=0.6.3) potentially affected by CVE-2023-42444 via phonenumber (=0.1.0+8.7.0)

phonenumber CARGO version =0.1.0+8.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on phonenumber and may be impacted: - validator =0.6.1, =0.6.3 Source cves: CVE-2023-42444 Source advisory: OSV:GHSA-WHHR-7F2W-QQJ2...

CVE-2023-38875

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'validator' parameter in '/reset-password'...

PHP-Login-System Cross-Site Scripting Vulnerability

PHP-Login-System is a web application. A security vulnerability exists in PHP-Login-System version 2.0.1, which stems from a vulnerability that allows a remote attacker to execute arbitrary JavaScript - passwords in a user's web browser by including a malicious load in the validator parameter in...

CVE-2023-4376

The Serial Codes Generator and Validator with WooCommerce Support WordPress plugin before 2.4.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is...

validator (>=0.6.1 <=0.6.3) potentially affected by CVE-2023-42444 via phonenumber (=0.1.0+8.7.0)

phonenumber CARGO version =0.1.0+8.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on phonenumber and may be impacted: - validator =0.6.1, =0.6.3 Source cves: CVE-2023-42444 Source advisory: OSV:RUSTSEC-2023-0082...

PT-2023-28968 · WordPress · Saso Serial Codes Generator/Validator With Woocommerce Support

Name of the Vulnerable Software and Affected Versions: Serial Codes Generator and Validator with WooCommerce Support WordPress plugin versions prior to 2.4.15 Description: The issue concerns the Serial Codes Generator and Validator with WooCommerce Support WordPress plugin, where some settings ar...

WordPress plugin Serial Codes Generator and Validator with WooCommerce Support Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2023-5027

A vulnerability classified as critical was found in SourceCodester Simple Membership System 1.0. Affected by this vulnerability is an unknown functionality of the file clubvalidator.php. The manipulation of the argument club leads to sql injection. The attack can be launched remotely. The exploit...

Simple Membership System SQL Injection Vulnerability

Simple Membership System is a simple membership system by Razormist Personal Developer. A SQL injection vulnerability exists in Simple Membership System version 1.0, which stems from a SQL injection vulnerability in the club parameter club in the file clubvalidator.php...

PT-2023-31521 · Sourcecodester · Simple Membership System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Membership System version 1.0 Description: A critical issue was found in the Simple Membership System, affecting an unknown functionality of the file club validator.php. The manipulation of the club argument leads to SQL...

Unchecked Minting

Lines of code Vulnerability details Impact There is a possibility, an attacker can force minting of tokens to self or any other diluting the token value and stealing funds in the process Proof of Concept Here is a step-by-step process The attacker calls the transferFrom function with msg.data...

Malicious code in web3tool-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware baa2083cd444530581252c21173e1cc7baccb1f0562cd626040ed4cf407cf5b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8087 Malicious code in web3tool-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware baa2083cd444530581252c21173e1cc7baccb1f0562cd626040ed4cf407cf5b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

The vulnerability of the SafeHtml validator in the Hibernate Validator library allows attackers to perform cross-site scripting attacks.

The vulnerability in the SafeHtml validator of the Hibernate Validator library relates to the lack of measures taken to protect the structure of web pages during the processing of HTML content. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

Validator CLI Tool Fails to Process VMs in Per-machine backup with separate metadata files

Challenge When attempting to use the Veeam Backup Validator command-line tool to validate the VMs contained within a job that was using the Per-machine backup with separate metadata files aka True Per-VM backup chain format, the Veeam Backup Validator tool throws the error: Cannot find last point...

MOXA MXsecurity Security Feature Issue Vulnerability

MOXA MXsecurity is a management platform from China-based MOXA. that provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. A security vulnerability exists in MOXA MXsecurity...