| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Online Student Admission v1.0 was discovered to contain a SQL injection vulnerability via the txtapplicationID parameter. |
| Apifox through 2.1.6 is vulnerable to Cross Site Scripting (XSS) which can lead to remote code execution. |
| novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability. |
| mingyuefusu Library Management System all versions as of 03-27-2022 is vulnerable to SQL Injection. |
| Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS). |
| Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection. |
| nopCommerce 4.50.1 is vulnerable to Directory Traversal via the backup file in the Maintenance feature. |
| nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS) via the "Text" parameter (forums) when creating a new post, which allows a remote attacker to execute arbitrary JavaScript code at client browser. |
| nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). At Apply for vendor account feature, an attacker can upload an arbitrary file to the system. |
| nopCommerce 4.50.1 is vulnerable to Cross Site Scripting (XSS). An attacker (role customer) can inject javascript code to First name or Last name at Customer Info. |
| KiteCMS v1.1.1 was discovered to contain an arbitrary file read vulnerability via the background management module. |
| UCMS v1.6 was discovered to contain an arbitrary file read vulnerability. |
| UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability. |
| An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file. |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_collection. |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_member. |
| Car Driving School Management System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_enrollment. |
| Car Driving School Managment System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_package. |
