Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /orders.php.

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_customer.php.

Directory traversal vulnerability in NextChat thru 2.16.0 due to the WebDAV proxy failing to canonicalize or reject dot path segments in its catch-all route, allowing attackers to gain sensitive information via authenticated or anonymous WebDAV endpoints.

A flaw was found in the 3scale Developer Portal. When creating or updating an account in the Developer Portal UI it is possible to modify fields explicitly configured as read-only or hidden, allowing an attacker to modify restricted information.

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit_product.php?id=1.

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure.

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php.

Phpgurukul Maid Hiring Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in /maid-hiring.php va the name field.

Car-Booking-System-PHP v.1.0 is vulnerable to Cross Site Scripting (XSS) in /carlux/booking.php.

An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function