38 matches found
CVE-2024-2075
A vulnerability was found in SourceCodester Daily Habit Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/update-tracker.php. The manipulation of the argument day leads to cross site scripting. The attack can be...
EUVD-2024-33828
Malicious code in bioql PyPI...
EUVD-2024-48970
Malicious code in bioql PyPI...
CVE-2025-8521 givanz Vvveb Add Type post-types cross site scripting
A vulnerability, which was classified as problematic, has been found in givanz Vvveb up to 1.0.5. This issue affects some unknown processing of the file /vadmin123/index.php?module=settings/post-types of the component Add Type Handler. The manipulation leads to cross site scripting. The attack ma...
CVE-2025-8380
A vulnerability classified as problematic was found in Campcodes Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /admin/addqueryaccount.php. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The...
CVE-2025-7902
A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2025-7857
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file bwdates-passreports-details.php of the component HTTP POST Request Handler. The manipulation of the argument visname...
CVE-2025-7902 yangzongzhuan RuoYi SysNoticeController.java addSave cross site scripting
A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2025-7748
A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article Page. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public...
CVE-2025-7728
A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. Affected is an unknown function of the file users.shtm. The manipulation of the argument Username leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2025-7729
A vulnerability classified as problematic was found in Scada-LTS up to 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file usersProfiles.shtm. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The exploit has...
CVE-2025-7728
CVE-2025-7728 affects Scada-LTS up to version 2.7.8.1. Affected is an unknown function in the file users.shtm ; manipulating the Username argument triggers cross-site scripting (XSS). The vulnerability can be exploited remotely, and public exploitation information has been disclosed. The vendor i...
CVE-2025-7569
CVE-2025-7569 affects Bigotry OneBase versions up to 1.3.6. The vulnerability is in the parse_args function of the file /tpl/think_exception.tpl; manipulating the args parameter leads to cross-site scripting. The attack can be launched remotely and the exploit has been publicly disclosed. Multipl...
CVE-2025-6699
A vulnerability classified as problematic has been found in LabRedesCefetRJ WeGIA 3.4.0. This affects an unknown part of the file /html/funcionario/cadastrofuncionario.php of the component Cadastro de Funcionário. The manipulation of the argument Nome/Sobrenome leads to cross site scripting. It i...
CVE-2025-6569
A vulnerability classified as problematic was found in code-projects School Fees Payment System 1.0. Affected by this vulnerability is an unknown functionality of the file /student.php. The manipulation of the argument sname/contact/about/emailid/transcationremark leads to cross site scripting. T...
CVE-2025-6473 code-projects School Fees Payment System fees.php cross site scripting
A vulnerability, which was classified as problematic, was found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /fees.php. The manipulation of the argument transcationremark leads to cross site scripting. It is possible to initiate the attack remotely. Th...
CVE-2025-5411
Mist Community Edition
CVE-2024-7948
A vulnerability classified as problematic was found in SourceCodester Accounts Manager App 1.0. This vulnerability affects unknown code of the file update-account.php of the component Update Account Page. The manipulation of the argument Account Name/Username/Password/Link leads to cross site...
CVE-2024-7677
A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is the function updatesettingsinfo of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument contact/address...
CVE-2024-2284
A vulnerability classified as problematic was found in boyiddha Automated-Mess-Management-System 1.0. Affected by this vulnerability is an unknown functionality of the file /member/chat.php of the component Chat Book. The manipulation of the argument msg leads to cross site scripting. The attack...