Vulnerabilities (CVE)

Filtered by CWE-79
Total 29035 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-0650 1 Oretnom23 1 Visitor Management System 2024-05-17 5.0 MEDIUM 6.1 MEDIUM
A vulnerability was found in Project Worlds Visitor Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file dataset.php of the component URL Handler. The manipulation of the argument name with the input "><script>alert('torada')</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251376.
CVE-2024-0647 1 Sparksuite 1 Simplemde 2024-05-17 5.0 MEDIUM 6.1 MEDIUM
A vulnerability, which was classified as problematic, was found in Sparksuite SimpleMDE up to 1.11.2. This affects an unknown part of the component iFrame Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251373 was assigned to this vulnerability.
CVE-2024-0599 1 Ujcms 1 Jspxcms 2024-05-17 4.0 MEDIUM 5.4 MEDIUM
A vulnerability was found in Jspxcms 10.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file src\main\java\com\jspxcms\core\web\back\InfoController.java of the component Document Management Page. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250837 was assigned to this vulnerability.
CVE-2024-0557 1 Dedebiz 1 Dedebiz 2024-05-17 3.3 LOW 5.4 MEDIUM
A vulnerability, which was classified as problematic, was found in DedeBIZ 6.3.0. This affects an unknown part of the component Website Copyright Setting. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250725 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0504 1 Fabianros 1 Simple Online Hotel Reservation System 2024-05-17 4.0 MEDIUM 6.1 MEDIUM
A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file add_reserve.php of the component Make a Reservation Page. The manipulation of the argument Firstname/Lastname with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250618 is the identifier assigned to this vulnerability.
CVE-2024-0503 1 Sherlock 1 Online Fir System 2024-05-17 4.0 MEDIUM 6.1 MEDIUM
A vulnerability was found in code-projects Online FIR System 1.0. It has been classified as problematic. This affects an unknown part of the file registercomplaint.php. The manipulation of the argument Name/Address leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250611.
CVE-2024-0501 1 Oretnom23 1 House Rental Management System 2024-05-17 3.3 LOW 4.8 MEDIUM
A vulnerability has been found in SourceCodester House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Manage Invoice Details. The manipulation of the argument Invoice leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250609 was assigned to this vulnerability.
CVE-2024-0500 1 Oretnom23 1 House Rental Management System 2024-05-17 3.3 LOW 4.8 MEDIUM
A vulnerability, which was classified as problematic, was found in SourceCodester House Rental Management System 1.0. Affected is an unknown function of the component Manage Tenant Details. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250608.
CVE-2024-0499 1 Oretnom23 1 House Rental Management System 2024-05-17 3.3 LOW 4.8 MEDIUM
A vulnerability, which was classified as problematic, has been found in SourceCodester House Rental Management System 1.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250607.
CVE-2024-0476 1 Phpgurukul 1 Blood Bank \& Donor Management System 2024-05-17 3.3 LOW 4.8 MEDIUM
A vulnerability, which was classified as problematic, was found in Blood Bank & Donor Management 1.0. This affects an unknown part of the file request-received-bydonar.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250581 was assigned to this vulnerability.
CVE-2024-0467 1 Carmelogarcia 1 Employee Profile Management System 2024-05-17 4.0 MEDIUM 6.1 MEDIUM
A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file edit_position_query.php. The manipulation of the argument pos_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250572.
CVE-2024-0424 1 Codeastro 1 Simple Banking System 2024-05-17 4.0 MEDIUM 5.4 MEDIUM
A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250443.
CVE-2024-0423 1 Codeastro 1 Online Food Ordering System 2024-05-17 4.0 MEDIUM 5.4 MEDIUM
A vulnerability was found in CodeAstro Online Food Ordering System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file dishes.php. The manipulation of the argument res_id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250442 is the identifier assigned to this vulnerability.
CVE-2024-0422 1 Codeastro 1 Pos And Inventory Management System 2024-05-17 4.0 MEDIUM 5.4 MEDIUM
A vulnerability was found in CodeAstro POS and Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /new_item of the component New Item Creation Page. The manipulation of the argument new_item leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250441 was assigned to this vulnerability.
CVE-2024-0346 1 Vehicle Booking System Project 1 Vehicle Booking System 2024-05-17 4.0 MEDIUM 5.4 MEDIUM
A vulnerability has been found in CodeAstro Vehicle Booking System 1.0 and classified as problematic. This vulnerability affects unknown code of the file usr/user-give-feedback.php of the component Feedback Page. The manipulation of the argument My Testemonial leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250114 is the identifier assigned to this vulnerability.
CVE-2024-0345 1 Vehicle Booking System Project 1 Vehicle Booking System 2024-05-17 5.0 MEDIUM 6.1 MEDIUM
A vulnerability, which was classified as problematic, was found in CodeAstro Vehicle Booking System 1.0. This affects an unknown part of the file usr/usr-register.php of the component User Registration. The manipulation of the argument Full_Name/Last_Name/Address with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250113 was assigned to this vulnerability.
CVE-2024-0343 1 Simple House Rental System Project 1 Simple House Rental System 2024-05-17 5.0 MEDIUM 6.1 MEDIUM
A vulnerability classified as problematic was found in CodeAstro Simple House Rental System 5.6. Affected by this vulnerability is an unknown functionality of the component Login Panel. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250111.
CVE-2024-0286 1 Phpgurukul 1 Hospital Management System 2024-05-17 5.0 MEDIUM 6.1 MEDIUM
A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file index.php#contact_us of the component Contact Form. The manipulation of the argument Name/Email/Message leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249843.
CVE-2024-0284 1 Kashipara 1 Food Management System 2024-05-17 4.0 MEDIUM 6.1 MEDIUM
A vulnerability was found in Kashipara Food Management System up to 1.0. It has been rated as problematic. This issue affects some unknown processing of the file party_submit.php. The manipulation of the argument party_address leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249839.
CVE-2024-0283 1 Kashipara 1 Food Management System 2024-05-17 4.0 MEDIUM 6.1 MEDIUM
A vulnerability was found in Kashipara Food Management System up to 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file party_details.php. The manipulation of the argument party_name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249838 is the identifier assigned to this vulnerability.