4 results (0.005 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as problematic has been found in SourceCodester QR Code Bookmark System 1.0. Affected is an unknown function of the file /endpoint/update-bookmark.php of the component Parameter Handler. The manipulation of the argument tbl_bookmark_id/name/url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/SourceCodester_QR_Code_Bookmark_System_update_bookmark_XSS.md https://vuldb.com/?ctiid.275742 https://vuldb.com/?id.275742 https://vuldb.com/?submit.397580 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/delete-bookmark.php. The manipulation of the argument bookmark leads to cross site scripting. The attack may be initiated remotely. • https://github.com/jadu101/CVE/blob/main/SourceCodester_QR_Code_Bookmark_System_delete_bookmark_XSS.md https://vuldb.com/?ctiid.275741 https://vuldb.com/?id.275741 https://vuldb.com/?submit.397579 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /endpoint/add-bookmark.php of the component Parameter Handler. The manipulation of the argument name/url leads to cross site scripting. The attack can be initiated remotely. • https://github.com/jadu101/CVE/blob/main/SourceCodester_QR_Code_Bookmark_System_add_bookmark_XSS.md https://vuldb.com/?ctiid.275740 https://vuldb.com/?id.275740 https://vuldb.com/?submit.397575 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-bookmark.php?bookmark=1. The manipulation of the argument bookmark leads to sql injection. • https://github.com/BurakSevben/CVEs/blob/main/QR%20Code%20Bookmark%20System/QR%20Code%20Bookmark%20System%20-%20SQL%20Injection.md https://vuldb.com/?ctiid.260764 https://vuldb.com/?id.260764 https://vuldb.com/?submit.316322 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •