Total
29038 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1036 | 1 Dental Clinic Appointment Reservation System Project | 1 Dental Clinic Appointment Reservation System | 2024-05-17 | 5.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /APR/signup.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221794 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-1030 | 1 Online Boat Reservation System Project | 1 Online Boat Reservation System | 2024-05-17 | 4.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability has been found in SourceCodester Online Boat Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /boat/login.php of the component POST Parameter Handler. The manipulation of the argument un leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221755. | |||||
| CVE-2023-1006 | 1 Medical Certificate Generator App Project | 1 Medical Certificate Generator App | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability was found in SourceCodester Medical Certificate Generator App 1.0. It has been classified as problematic. This affects an unknown part of the component New Record Handler. The manipulation of the argument Firstname/Middlename/Lastname/Suffix/Nationality/Doctor Fullname/Doctor Suffix with the input "><script>prompt(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-221739. | |||||
| CVE-2023-0987 | 1 Online Pizza Ordering System Project | 1 Online Pizza Ordering System | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability classified as problematic was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file index.php?page=checkout. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221680. | |||||
| CVE-2023-0945 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability, which was classified as problematic, was found in SourceCodester Best POS Management System 1.0. Affected is an unknown function of the file index.php?page=add-category. The manipulation of the argument Name with the input "><img src=x onerror=prompt(document.domain);> leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221592. | |||||
| CVE-2023-0902 | 1 Simple Food Ordering System Project | 1 Simple Food Ordering System | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability was found in SourceCodester Simple Food Ordering System 1.0. It has been classified as problematic. This affects an unknown part of the file process_order.php. The manipulation of the argument order leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221451. | |||||
| CVE-2023-0840 | 1 Phpcrazy Project | 1 Phpcrazy | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability classified as problematic was found in PHPCrazy 1.1.1. This vulnerability affects unknown code of the file admin/admin.php?action=users&mode=info&user=2. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221086 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-0650 | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM | ||
| A vulnerability was found in YAFNET up to 3.1.11 and classified as problematic. This issue affects some unknown processing of the component Signature Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.12 is able to address this issue. The name of the patch is a1442a2bacc3335461b44c250e81f8d99c60735f. It is recommended to upgrade the affected component. The identifier VDB-220037 was assigned to this vulnerability. | |||||
| CVE-2023-0639 | 2024-05-17 | 3.3 LOW | 6.1 MEDIUM | ||
| A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation of the argument nextPage leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-220019. | |||||
| CVE-2023-0571 | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM | ||
| A vulnerability has been found in SourceCodester Canteen Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file createcustomer.php of the component Add Customer. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219730 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-0563 | 1 Phpgurukul | 1 Bank Locker Management System | 2024-05-17 | 4.0 MEDIUM | 4.8 MEDIUM |
| A vulnerability classified as problematic has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file add-locker-form.php of the component Assign Locker. The manipulation of the argument ahname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219717 was assigned to this vulnerability. | |||||
| CVE-2023-0549 | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM | ||
| A vulnerability, which was classified as problematic, has been found in YAFNET up to 3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private Message Handler. The manipulation of the argument subject/message leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.11 is able to address this issue. The identifier of the patch is 2237a9d552e258a43570bb478a92a5505e7c8797. It is recommended to upgrade the affected component. The identifier VDB-219665 was assigned to this vulnerability. | |||||
| CVE-2023-0527 | 1 Online Security Guards Hiring System Project | 1 Online Security Guards Hiring System | 2024-05-17 | 4.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input "><script>alert(document.domain)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-219596. | |||||
| CVE-2023-0513 | 1 Dreamer Cms Project | 1 Dreamer Cms | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability has been found in isoftforce Dreamer CMS up to 4.0.1 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.3 is able to address this issue. It is recommended to upgrade the affected component. VDB-219334 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-0327 | 1 Theradsystem Project | 1 Theradsystem | 2024-05-17 | 4.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic. Affected is an unknown function of the file users.php. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. VDB-218454 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-0287 | 1 Favorites-web Project | 1 Favorites-web | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability was found in ityouknow favorites-web. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-218294 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-0258 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2024-05-17 | 3.3 LOW | 6.1 MEDIUM |
| A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Category List Handler. The manipulation of the argument Reason with the input "><script>prompt(1)</script> leads to cross site scripting. The attack may be launched remotely. VDB-218186 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-0246 | 1 Espcms | 1 Espcms | 2024-05-17 | 4.0 MEDIUM | 5.4 MEDIUM |
| A vulnerability, which was classified as problematic, was found in earclink ESPCMS P8.21120101. Affected is an unknown function of the component Content Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-218154 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-0125 | 1 Control Id Panel Project | 1 Control Id Panel | 2024-05-17 | 3.3 LOW | 6.1 MEDIUM |
| A vulnerability was found in Control iD Gerencia Web 1.30. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation of the argument Nome leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-217717 was assigned to this vulnerability. | |||||
| CVE-2022-4966 | 2024-05-17 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability was found in sequentech admin-console up to 6.1.7 and classified as problematic. Affected by this issue is some unknown functionality of the component Election Description Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 7.0.0-beta.1 is able to address this issue. The patch is identified as 0043a6b1e6e0f5abc9557e73f9ffc524fc5d609d. It is recommended to upgrade the affected component. VDB-258782 is the identifier assigned to this vulnerability. | |||||