CVE-2023-27245
https://notcve.org/view.php?id=CVE-2023-27245
A cross-site scripting (XSS) vulnerability in File Management Project 1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module. • https://github.com/flyasolo/File-Management-System • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-46824
https://notcve.org/view.php?id=CVE-2021-46824
Cross Site Scripting (XSS) vulnerability in sourcecodester School File Management System 1.0 via the Lastname parameter to the Update Account form in student_profile.php. Una vulnerabilidad de tipo cross Site Scripting (XSS) en sourcecodester School File Management System versión 1.0, por medio del parámetro Lastname del formulario Update Account en el archivostudent_profile.php • https://packetstormsecurity.com/files/161394/School-File-Management-System-1.0-Cross-Site-Scripting.html https://www.exploit-db.com/exploits/49559 https://www.sourcecodester.com/php/14155/school-file-management-system.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-29055
https://notcve.org/view.php?id=CVE-2021-29055
Cross Site Scripting (XSS) vulnerability in sourcecodester School File Management System 1.0 via the Firtstname parameter to the Update Account form in student_profile.php. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en sourcecodester School File Management System versión 1.0, por medio del parámetro Firtstname del formulario Update Account en el archivo student_profile.php • https://packetstormsecurity.com/files/161394/School-File-Management-System-1.0-Cross-Site-Scripting.html https://www.sourcecodester.com/php/14155/school-file-management-system.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •