PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.

PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.

The mintToken function of a smart contract implementation for TopscoinAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

The mintToken function of a smart contract implementation for Cranoo (CRN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

An issue was discovered in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. changstats.php has XSS, as demonstrated by a subject field.

Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.

Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.

Online Ticket Booking has CSRF via admin/movieedit.php.

Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.

Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.