CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-23466
https://notcve.org/view.php?id=CVE-2020-23466
Cross Site Scripting (XSS) vulnerability exists in the phpgurukul Online Marriage Registration System 1.0 allows attackers to run arbitrary code via the wzipcode field. Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) en phpgurukul Online Marriage Registration System versión 1.0, que permite a atacantes ejecutar código arbitrario por medio del campo wzipcode. • https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql https://www.exploit-db.com/exploits/48522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26052
https://notcve.org/view.php?id=CVE-2020-26052
Online Marriage Registration System 1.0 is affected by stored cross-site scripting (XSS) vulnerabilities in multiple parameters. Online Marriage Registration System versión 1.0, está afectado por vulnerabilidades de tipo cross-site scripting (XSS) almacenado en múltiples parámetros • https://www.exploit-db.com/exploits/48522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35151 – Online Marriage Registration System 1.0 - 'searchdata' SQL Injection
https://notcve.org/view.php?id=CVE-2020-35151
The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection. El parámetro post "searchdata" de Online Marriage Registration System versión 1.0 en la petición del archivo user/search.php es vulnerable a una inyección SQL Basada en Tiempo • https://www.exploit-db.com/exploits/49307 https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •