Page 23 of 507 results (0.005 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Daily Calories Monitoring Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-calorie.php. The manipulation of the argument calorie_date/calorie_name leads to cross site scripting. It is possible to initiate the attack remotely. • https://github.com/jadu101/CVE/blob/main/SourceCodester_Daily_Calories_Monitoring_Tool_add_calorie_XSS.md https://vuldb.com/?ctiid.275721 https://vuldb.com/?id.275721 https://vuldb.com/?submit.396895 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Task Progress Tracker 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file update-task.php. The manipulation of the argument task_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/SourceCodester_Task_Progress_Tracker_Update_Task_XSS.md https://vuldb.com/?ctiid.275720 https://vuldb.com/?id.275720 https://vuldb.com/?submit.396892 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability has been found in SourceCodester Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file search_user.php. The manipulation of the argument search leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/acmglz/bug1_report/blob/main/Record-Management-System-2.md https://vuldb.com/?ctiid.275710 https://vuldb.com/?id.275710 https://vuldb.com/?submit.396487 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability, which was classified as problematic, was found in SourceCodester Record Management System 1.0. This affects an unknown part of the file sort1_user.php. The manipulation of the argument position leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/acmglz/bug1_report/blob/main/Record-Management-System-1.md https://vuldb.com/?ctiid.275709 https://vuldb.com/?id.275709 https://vuldb.com/?submit.396486 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. • https://github.com/0xffaaa/cve/blob/main/ecommerce-Unauthorized%20arbitrary%20file%20upload%20vulnerability.md https://vuldb.com/?ctiid.275568 https://vuldb.com/?id.275568 https://vuldb.com/?submit.396324 https://www.sourcecodester.com • CWE-434: Unrestricted Upload of File with Dangerous Type •