Show filters
3,812 Total Results
Displaying 441-450 of 3,812
Sort by:
Attacker Value
Unknown

CVE-2023-37772

Disclosure Date: August 01, 2023 (last updated February 25, 2025)
Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-37771

Disclosure Date: July 31, 2023 (last updated February 25, 2025)
Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-4007

Disclosure Date: July 31, 2023 (last updated February 25, 2025)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-4006

Disclosure Date: July 31, 2023 (last updated February 25, 2025)
Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31937

Disclosure Date: July 28, 2023 (last updated February 25, 2025)
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31936

Disclosure Date: July 28, 2023 (last updated February 25, 2025)
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31935

Disclosure Date: July 28, 2023 (last updated February 25, 2025)
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-31934

Disclosure Date: July 28, 2023 (last updated February 25, 2025)
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-31933

Disclosure Date: July 28, 2023 (last updated February 25, 2025)
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31932

Disclosure Date: July 28, 2023 (last updated February 25, 2025)
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
View More Topics  < Previous  Next >