CVE-2023-31816

The CVE-2023-31816 entry concerns IT Sourcecode Content Management System (PHP/MySQL) v1.0.0 that is vulnerable to Cross-Site Scripting (XSS) via the endpoint /ecodesource/search_list.php. The vulnerability is described across sources (NVD, Red Hat, CVE listings) with the core issue being an XSS ...

CVE-2021-25197

The CVE-2021-25197 item applies to SourceCodester Content Management System v1.0, where an XSS vulnerability exists in the admin/new_content.php page. The underlying issue is that the search parameter is injectable, allowing remote attackers to inject arbitrary web scripts or HTML. Documented imp...