Show filters
257 Total Results
Displaying 21-30 of 257
Sort by:
Attacker Value
Unknown
CVE-2024-1702
Disclosure Date: February 21, 2024 (last updated February 12, 2025)
A vulnerability was found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /edit.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254390 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
0
Attacker Value
Unknown
CVE-2024-1701
Disclosure Date: February 21, 2024 (last updated February 13, 2025)
A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254389 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
0
Attacker Value
Unknown
CVE-2024-1700
Disclosure Date: February 21, 2024 (last updated February 13, 2025)
A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument username with the input <script>alert("xss")</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254388. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
0
Attacker Value
Unknown
CVE-2024-25222
Disclosure Date: February 14, 2024 (last updated February 17, 2024)
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID parameter at /TaskManager/EditProject.php.
0
Attacker Value
Unknown
CVE-2024-25221
Disclosure Date: February 14, 2024 (last updated February 17, 2024)
A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php.
0
Attacker Value
Unknown
CVE-2024-25220
Disclosure Date: February 14, 2024 (last updated February 17, 2024)
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php.
0
Attacker Value
Unknown
CVE-2024-25219
Disclosure Date: February 14, 2024 (last updated February 17, 2024)
A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php.
0
Attacker Value
Unknown
CVE-2024-25218
Disclosure Date: February 14, 2024 (last updated February 17, 2024)
A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Project Name parameter /TaskManager/Projects.php.
0
Attacker Value
Unknown
CVE-2024-25191
Disclosure Date: February 08, 2024 (last updated February 15, 2024)
php-jwt 1.0.0 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel.
0
Attacker Value
Unknown
CVE-2024-24945
Disclosure Date: February 01, 2024 (last updated February 08, 2024)
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php.
0