CVE-2009-4717

Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...

CVE-2025-6322

A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /visit.php. The manipulation of the argument gname leads to sql injection. The attack may be launched remotely. The exploit has bee...

PHPGurukul Pre-School Enrollment System 注入漏洞

Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter gname in the file /visit.php. An attacker can...

CVE-2023-0829

Plesk 17.0 through 18.0.31 version, is vulnerable to a Cross-Site Scripting. A malicious subscription owner either a customer or an additional user, can fully compromise the server if an administrator visits a certain page in Plesk related to the malicious subscription...

Ubiquiti UniFi Network 跨站脚本漏洞

Ubiquiti UniFi Network is a wireless network management software solution from Ubiquiti, Inc. It is used to set up and manage UniFi Network devices. A security vulnerability exists in Ubiquiti UniFi Network version 7.3.83 and prior versions that originates from a vulnerability that allows a...

CVE-2022-32397

Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/visits/viewvisit.php:4...

Sql injection

Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/visits/managevisit.php:4...

Prison Management System SQL注入漏洞

Prison Management System is a prison management system from Carlo Montero's personal developer. prison Management System v1.0 is vulnerable to SQL injection, which originates in the application /pms/admin/visits/viewvisit.php in the id parameter in /pms/admin/visits/viewvisit.php is missing the S...

Prison Management System SQL注入漏洞

Prison Management System is a prison management system from Carlo Montero's personal developer. v1.0 of Prison Management System contains a SQL injection vulnerability that originates in the application /pms/admin/visits/managevisit.php The vulnerability is caused by the lack of SQL data filter...

CVE-2022-24369

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

WordPress FormCraft plugin CSRF backdoor access vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A CSRF backdoor access vulnerability exists in the WordPress FormCraft plugin, which can be exploited by an attacker to perform arbitrary operations by inducing the...