Phpgurukul: Security Vulnerabilities
A vulnerability, which was classified as problematic, was found in Online Banquet Booking System 1.0. Affected is an unknown function of the file /view-booking-detail.php of the component Account Detail Handler. The manipulation of the argument username leads to cross site scripting. It is possible to launch the attack remotely. VDB-240942 is the identifier assigned to this vulnerability.
CVSS Score
3.5
EPSS Score
0.001
Published
2023-09-30
A stored cross-site scripting (XSS) vulnerability in the Add Animal Details function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description of Animal parameter.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-09-21
Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters.
CVSS Score
5.4
EPSS Score
0.004
Published
2023-09-11
Multiple stored cross-site scripting (XSS) vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-08
Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-09-08
Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters.
CVSS Score
7.5
EPSS Score
0.005
Published
2023-09-08
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.
CVSS Score
8.8
EPSS Score
0.032
Published
2023-08-18
Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Admin page.
CVSS Score
4.8
EPSS Score
0.002
Published
2023-08-08
Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Booking Request page.
CVSS Score
4.8
EPSS Score
0.002
Published
2023-08-08
Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-08-08