4.8
CVE-2025-1585 - otale header.html OptionsService cross site scripting
A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logo_url leads to cross site scripting. The atβ¦
5.3
CVE-2025-1584 - opensolon Solon StaticMappings.java path traversal
A vulnerability classified as problematic was found in opensolon Solon up to 3.0.8. This vulnerability affects unknown code of the file solon-projects/solon-web/solon-web-staticfiles/src/main/java/org/noear/solon/web/staticfiles/StaticMappings.java. The manipulation leads to path traversal: '../filβ¦
5.3
CVE-2025-1583 - PHPGurukul Online Nurse Hiring System search-report-details.php sql injection
A vulnerability classified as critical has been found in PHPGurukul Online Nurse Hiring System 1.0. This affects an unknown part of the file /admin/search-report-details.php. The manipulation of the argument searchinput leads to sql injection. It is possible to initiate the attack remotely. The expβ¦
5.3
CVE-2025-1582 - PHPGurukul Online Nurse Hiring System all-request.php sql injection
A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/all-request.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely. The exβ¦
5.3
CVE-2025-1581 - PHPGurukul Online Nurse Hiring System book-nurse.php sql injection
A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /book-nurse.php?bookid=1. The manipulation of the argument contactname leads to sql injection. The attack can be launched β¦
5.3
CVE-2025-1580 - PHPGurukul Nipah Virus Testing Management System search-report-result.php sql injection
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotβ¦
4.8
CVE-2025-1579 - code-projects Blood Bank System user.php cross site scripting
A vulnerability was found in code-projects Blood Bank System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/user.php. The manipulation of the argument email leads to cross site scripting. The attack may be initiated remotely. The exploit has been diβ¦
5.3
CVE-2025-1578 - PHPGurukul/Campcodes Online Shopping Portal search-result.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /search-result.php. The manipulation of the argument Product leads to sql injection. It is possible to initiate the attack remotely. The exploit β¦
5.1
CVE-2025-1577 - code-projects Blood Bank System prostatus.php cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank System 1.0. Affected by this issue is some unknown functionality of the file /prostatus.php. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. β¦
6.1
CVE-2024-13728 - Accept Donations with PayPal & Stripe <= 1.4.4 - Reflected Cross-Site Scripting
The Accept Donations with PayPal & Stripe plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the rf parameter in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject β¦