Guest Management System Cross-Site Scripting Vulnerability (CNVD-2023-41504)

The Guest Management System is a web-based system designed to monitor the records of everyone who enters a school or college. A cross-site scripting vulnerability exists in Guest Management System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the...

Campcodes Online Traffic Offense Management System SQL Injection Vulnerability (CNVD-2023-29407)

Campcodes Online Traffic Offense Management System is a web-based traffic offense management system. A SQL injection vulnerability exists in Campcodes Online Traffic Offense Management System v1.0. The vulnerability stems from the lack of validation of external input SQL statements in the paramet...

CVE-2022-45224

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in Admin/add-admin.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter...

CVE-2022-45223

Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /Admin/add-student.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter...

PT-2022-27442 · Unknown · Web-Based Student Clearance System

Name of the Vulnerable Software and Affected Versions: Web-Based Student Clearance System version 1.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtnew password parameter in the changepassword.php file. This enables the...

Web-Based Student Clearance System 跨站脚本漏洞

Web-Based Student Clearance System is a web-based student clearance system by the individual developer Ndueso Okorie. A security vulnerability exists in Web-Based Student Clearance System version v1.0, which was discovered to contain a cross-site scripting XSS vulnerability via Admin/add-admin.ph...

CVE-2022-43078

A cross-site scripting XSS vulnerability in /admin/add-fee.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter...

Web-Based Student Clearance System 跨站脚本漏洞

Web-Based Student Clearance System is a web-based student clearance system by the individual developer Ndueso Okorie. A security vulnerability exists in the Web-Based Student Clearance System, which originates in the prepare function of /Admin/add-student.php and can lead to cross-site scripting...

Student Management System SQL注入漏洞

Student Management System is a simple web-based student management software from Sk.Amir Hamza, an individual developer in Bangladesh. Student Management System suffers from a SQL injection vulnerability that stems from the operation parameter id that causes sql injection...

Guest Management System 跨站脚本漏洞

Guest Management System is a web-based system designed to monitor the records of everyone entering a school or college. The Guest Management System suffers from a cross-site scripting vulnerability that stems from the manipulation of the parameter name in an unknown portion of its myform.php...

Guest Management System 安全漏洞

Guest Management System is a web-based system designed to monitor the records of everyone entering a school or college. The Guest Management System has a security vulnerability that stems from an unknown function of its code storing user passwords in the database in plaintext...

Open Source Point of Sale 代码问题漏洞

Open Source Point of Sale is a web-based point of sale system. A security vulnerability exists in Open Source Point of Sale version v3.3.7, which stems from an arbitrary file upload vulnerability discovered via the Update Branding Settings page...

AROX School-ERP Pro 代码问题漏洞

AROX School-ERP Pro is a web-based school management system. The system includes functions such as curriculum management, attendance management, financial management, human resource management and examination management. A security vulnerability exists in AROX School-ERP Pro v1.0, which can be...

The vulnerability of the software development environment of TIA Portal, the system for automating technological processes, and SINETPLAN, a system for planning automation processes; as well as the web-based systems for managing technological processes, SIMATIC PCS neo, is related to uncontrolled resource consumption, allowing attackers to trigger service failures.

The vulnerabilities of the TIA Portal, the SINETPLAN system planning tool, and the SIMATIC PCS neo web-based technology process management system are related to uncontrolled resource consumption. Exploiting these vulnerabilities can allow attackers to cause service failures by sending specially...

Webmin Cross-Site Scripting Vulnerability (CNVD-2022-61348)

Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community.A cross-site scripting vulnerability exists in Webmin version 1.973, which stems from the lack of filtering and escaping of user-submitted parameters for the Add User feature. An...

ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting (XSS)

Exploit Title: ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting XSS Exploit Author: LiquidWorm Vendor: Integrated Control Technology Ltd. Product web page: https://www.ict.co Affected version: GX: Ver: 2.08.1002 K1B3 Lib: 04.00.217 Int: 2.3.235.J013 OS: 2.0.20 WX: Ver: 4.00 284 H062 App:...

ICT Protege GX/WX 2.08 Authenticated Stored XSS Vulnerability

Summary Protege GX is an enterprise level integrated access control, intrusion detection and building automation solution with a feature set that is easy to operate, simple to integrate and effortless to extend. Protege WX is an all-in-one, web-based, cross-platform system that gives you a fully...

ICT Protege GX/WX 2.08 Cross Site Scripting

ICT Protege GX/WX 2.08 Authenticated Stored XSS Vulnerability Vendor: Integrated Control Technology Ltd. Product web page: https://www.ict.co Affected version: GX: Ver: 2.08.1002 K1B3 Lib: 04.00.217 Int: 2.3.235.J013 OS: 2.0.20 WX: Ver: 4.00 284 H062 App: 02.08.766 Lib: 04.00.169 Int: 02.2.208...

SPIP 信息泄露漏洞

SPIP is a Web-based content distribution system used primarily for online collaboration. A security vulnerability exists in SPIP, which stems from a web-based system or product that does not properly restrict access to resources from unauthorized roles. An unauthenticated attacker could use this...

Atlassian Jira Cross-Site Request Forgery Vulnerability (CNVD-2022-16292)

Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira is vulnerable to cross-site request forgery, which is caused by improper design or implementation during the development of code for a web-based system or product. No detailed vulnerability details are...