The Muslim Prayer Time-Salah/Iqamah plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Masjid ID parameter in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

The Muslim Prayer Time BD WordPress plugin through 2.4 does not have CSRF check in place when reseting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack

In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).

Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output.

musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.

PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the view-profile.php mem_id parameter.

PHP Scripts Mall Muslim Matrimonial Script allows arbitrary file upload via admin/mydetails_edit.php.

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/caste_view.php comm_id parameter.

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/slider_edit.php edit_id parameter.

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_edit.php edit_id parameter.