Page 43 of 298 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2

Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, and buspassms/admin/edit-pass-detail.php Múltiples inyecciones SQL detectadas en Bus Pass Management System versión 1.0, por medio de los archivos buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-detail.php, y buspassms/admin/edit-pass-detail.php. • https://github.com/jcarabantes/Bus-Vulnerabilities https://phpgurukul.com/bus-pass-management-system-using-php-and-mysql • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross Site Scripting (XSS) vulnerability exists in the phpgurukul Online Marriage Registration System 1.0 allows attackers to run arbitrary code via the wzipcode field. Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) en phpgurukul Online Marriage Registration System versión 1.0, que permite a atacantes ejecutar código arbitrario por medio del campo wzipcode. • https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql https://www.exploit-db.com/exploits/48522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Zoo Management System. It has been classified as critical. Affected is an unknown function of the file /pages/apply_vacancy.php. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. • https://s1.ax1x.com/2022/08/12/vJ5pEd.png https://vuldb.com/?id.206250 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Zoo Management System and classified as critical. This issue affects some unknown processing of the file /pages/animals.php. The manipulation of the argument class_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://s1.ax1x.com/2022/08/12/vJ4zHH.png https://vuldb.com/?id.206249 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2

A stored cross-site scripting (XSS) vulnerability in the Add Classification function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via unspecified vectors. Una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en la función Add Classification de Zoo Management System versión v1.0, permite a atacantes ejecutar scripts web o HTM arbitrarios por medio de vectores no especificados • https://github.com/angelopioamirante/CVE-2022-33075 http://sourcecodester.com http://zoo.com https://packetstormsecurity.com/files/167603/Zoo-Management-System-1.0-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •