CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6465 – PHPGurukul Nipah Virus Testing Management System registered-user-testing.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-6465
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as problematic. This affects an unknown part of the file registered-user-testing.php. The manipulation of the argument regmobilenumber leads to cross site scripting. It is possible to initiate the attack remotely. • https://github.com/dhabaleshwar/niv_testing_reflectedxss/blob/main/exploit.md https://vuldb.com/?ctiid.246615 https://vuldb.com/?id.246615 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48016
https://notcve.org/view.php?id=CVE-2023-48016
Restaurant Table Booking System V1.0 is vulnerable to SQL Injection in rtbs/admin/index.php via the username parameter. Restaurant Table Booking System V1.0 es vulnerable a la inyección SQL en rtbs/admin/index.php a través del parámetro de nombre de usuario. • https://github.com/Serhatcck/cves/blob/main/CVE-2023-48016-restaurant-table-booking-system-SQLInjection.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6442 – PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-6442
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add-phlebotomist.php. The manipulation of the argument empid/fullname leads to cross site scripting. The attack can be launched remotely. • https://github.com/dhabaleshwar/niv_testing_sxss/blob/main/exploit.md https://vuldb.com/?ctiid.246445 https://vuldb.com/?id.246445 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6402 – PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php sql injection
https://notcve.org/view.php?id=CVE-2023-6402
A vulnerability, which was classified as critical, was found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/dhabaleshwar/niv_testing_sqli/blob/main/exploit.md https://vuldb.com/?ctiid.246423 https://vuldb.com/?id.246423 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6297 – PHPGurukul Nipah Virus Testing Management System Search Report Page patient-search-report.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-6297
A vulnerability classified as problematic has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file patient-search-report.php of the component Search Report Page. The manipulation of the argument Search By Patient Name with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/dhabaleshwar/niv_testing_rxss/blob/main/exploit.md https://vuldb.com/?ctiid.246123 https://vuldb.com/?id.246123 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •