Code-Projects Online Note Sharing 代码问题漏洞

Code-Projects Online Note Sharing is an online note sharing software from Code-Projects open source. A code issue vulnerability exists in Code-Projects Online Note Sharing version 1.0, which stems from improper handling of the parameter image in the file /dashboard/userprofile.php, which could le...

CVE-2022-25221

Money Transfer Management System Version 1.0 allows an attacker to inject JavaScript code in the URL and then trick a user into visit the link in order to execute JavaScript code...

PHPGurukul Human Metapneumovirus Testing Management System 安全漏洞

PHPGurukul Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system from PHPGurukul, Inc. A security vulnerability exists in PHPGurukul Human Metapneumovirus Testing Management System v1.0, which originates from a SQL injection vulnerability in the...

QR Code Bookmark System 跨站脚本漏洞

QR Code Bookmark System is a QR Code Bookmark System by rems Personal Developer. A cross-site scripting vulnerability exists in version 1.0 of the QR Code Bookmark System, which is caused by a cross-site scripting vulnerability in the name/url parameter of the /endpoint/add-bookmark.php file...

campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the campcodes Complete Web-Based School Management System due to an SQL injection vulnerability in the name parameter of the index.p...

Customer Support System 安全漏洞

Customer Support System is a customer support system by oretnom23 Individual Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. A security vulnerability exists in the v1 version of Customer Support System, which...

Web-Based Student Clearance System SQL Injection Vulnerability

Web-Based Student Clearance System is a web-based student clearance system by the individual developer Ndueso Okorie. A SQL injection vulnerability exists in Web-Based Student Clearance System version 1.0, which stems from an incorrect manipulation of the parameter Fullname that can lead to sql...

Online Notice Board System SQL Injection Vulnerability

Online Notice Board System is an online bulletin board system. A SQL injection vulnerability exists in the v1.0 version of Online Notice Board System, which occurs when the dd parameter of the user/updateprofile.php page is processed without filtering the data and sending it to the database for...

Customer Support System Security Breach

Customer Support System is a customer support system by oretnom23 Individual Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. A security vulnerability exists in Customer Support System version 1.0, which stems fr...

Dynamic Transaction Queuing System SQL注入漏洞

Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0. An attacker can exploit this vulnerability to perform a SQL injection attack via...

Food Ordering Management System SQL注入漏洞

Food Ordering Management System is a food ordering management system by Carlo Montero personal developer. It provides an online platform to order food from a restaurant or fast food chain. A security vulnerability exists in Food Ordering Management System v1.0, which was discovered to contain an...

Simple Cold Storage Management System 跨站请求伪造漏洞

Simple Cold Storage Management System is a Simple Cold Storage Management System by Carlo Montero Personal Developer. A security vulnerability exists in Simple Cold Storage Management System version 1.0, which stems from a change in the operation parameter password that could lead to cross-site...

CVE-2022-32350

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=deleteroomtype...

Biscuit 数据伪造问题漏洞

Biscuit is delegated, decentralized, capability-based authorization tokens. A data forgery issue vulnerability exists in the v1 version of Biscuit that stems from allowing an attacker to create tokens with any access level...

Rescue Dispatch Management System SQL注入漏洞

Rescue Dispatch Management System is a rescue dispatch management system from Carlo Montero's personal developer. rescue dispatch management system v1.0 is vulnerable to SQL injection, which originates from /rdms/admin/teams/ manageteam.php?id=The page lacks validation for external input SQL...

Social Codia SMS 代码问题漏洞

Social Codia SMS is an inventory management system from Social Codia India. v1.0 of Social Codia SMS is vulnerable to arbitrary file uploads, which can be exploited by attackers to execute arbitrary code via crafted PHP files...

Mini-Inventory-and-Sales-Management-System Cross-Site Request Forgery Vulnerability

Mini-Inventory-and-Sales-Management-System is an inventory and sales management system written in PHP codeIgniter with support for MySQL and Sqlite3 databases. A cross-site request forgery vulnerability exists in Mini-Inventory-and-Sales-Management-System version 1.0, which stems from...

The vulnerability in the implementation of the Internet Key Exchange protocol (IKEv1) in Cisco IOS and IOS XE operating systems allows a attacker to cause a service failure.

The vulnerability of the Internet Key Exchange IKEv1 protocol in Cisco IOS and IOS XE operating systems exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures using specially crafted IKEv1 packets...

The vulnerability of the Microsoft Server Message Block 1.0 (SMBv1) network protocol on the Windows operating system, which allows a hacker to cause a service failure.

The vulnerability of the Microsoft Server Message Block 1.0 SMBv1 protocol in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted requests remotely...