14 matches found
CVE-2023-30256
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and emailcreate parameters in the AuthController.php file...
Cross-site Scripting in Bagisto
Cross Site Scripting vulnerability in webkil Bagisto v1.3.1 and before allows an attacker to execute arbitrary code via a crafted SVG file uplad...
CVE-2023-36236
Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an attacker to execute arbitrary code via a crafted SVG file uplad...
CVE-2023-36236
Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an attacker to execute arbitrary code via a crafted SVG file uplad...
Cross site scripting
Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an attacker to execute arbitrary code via a crafted SVG file uplad...
CVE-2023-36236
CVE-2023-36236 affects Webkul Bagisto v1.5.0 and earlier. The vulnerability is Cross-Site Scripting (XSS) caused by improper validation of uploaded SVG files, allowing an attacker to execute arbitrary code via a crafted file upload. Impact is stated as arbitrary code execution under the described...
CVE-2023-30256
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and emailcreate parameters in the AuthController.php file...
CVE-2023-30256
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and emailcreate parameters in the AuthController.php file...
Cross site scripting
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and emailcreate parameters in the AuthController.php file...
CVE-2023-30256
CVE-2023-30256 affects Webkul Webkil/QloApps v1.5.2. The issue is a Cross‑Site Scripting (XSS) vulnerability in the AuthController.php handling the two parameters, back and email_create , which can be exploited by remote attackers to obtain sensitive information and potentially execute script in ...
CVE-2023-30256
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and emailcreate parameters in the AuthController.php file...
Webkil QloApps 跨站脚本漏洞
Webkil QloApps is free open source hotel booking and online reservation system. A security vulnerability exists in Webkil QloApps version v.1.5.2. An attacker exploits the vulnerability to obtain sensitive information via the back and emailcreate parameters in the AuthController.php file...
CVE-2023-30256
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and emailcreate parameters in the AuthController.php file...
PT-2023-22606 · Webkil · Webkul Qloapps
Name of the Vulnerable Software and Affected Versions: Webkil QloApps version 1.5.2 Description: A Cross Site Scripting issue allows a remote attacker to obtain sensitive information via the back and email create parameters in the AuthController.php file. Recommendations: For Webkil QloApps versi...