Mohitkumar0786/CVE

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-33305 ↗	May 2, 2024Thursday, 2 May 2024, 14:15	6.1 MEDIUM	—
SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Middle Name" parameter in Create User.
CVE-2024-33302 ↗	May 2, 2024Thursday, 2 May 2024, 14:15	5.3 MEDIUM	—
SourceCodester Product Show Room 1.0 and before is vulnerable to Cross Site Scripting (XSS) via "Middle Name" under Add Users.
CVE-2024-33303 ↗	May 2, 2024Thursday, 2 May 2024, 14:15	8.2 HIGH	—
SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" under Add Users.
CVE-2024-33306 ↗	May 1, 2024Wednesday, 1 May 2024, 20:15	7.4 HIGH	—
SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User.
CVE-2024-33307 ↗	May 1, 2024Wednesday, 1 May 2024, 20:15	5.4 MEDIUM	—
SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User.
CVE-2024-33304 ↗	May 1, 2024Wednesday, 1 May 2024, 19:15	6.1 MEDIUM	—
SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" under Add Users.
CVE-2024-31651 ↗	Apr 15, 2024Monday, 15 April 2024, 22:15	6.1 MEDIUM	—
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter.
CVE-2024-31648 ↗	Apr 15, 2024Monday, 15 April 2024, 21:15	6.1 MEDIUM	—
Cross Site Scripting (XSS) in Insurance Management System v1.0, allows remote attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter at /core/new_category2.
CVE-2024-31649 ↗	Apr 15, 2024Monday, 15 April 2024, 21:15	5.4 MEDIUM	—
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.
CVE-2024-31650 ↗	Apr 15, 2024Monday, 15 April 2024, 21:15	9.6 CRITICAL	—
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter.
CVE-2024-31652 ↗	Apr 15, 2024Monday, 15 April 2024, 21:15	6.1 MEDIUM	—
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search parameter.