Tagged: Cybersecurity Alert

A maliciously crafted HTML payload in a component name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop...

A maliciously crafted HTML payload, stored in a design name and exported to CSV, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious actor may leverage this...

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manage_user.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/patient-appointment-scheduler-system/SQL-3.md

A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with `manage-realm` or `manage-organizations` administrative privileges can exploit a Stored Cross-Site Scripting (XSS) vulnerability. This flaw occurs because...

Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL in the file /storage/admin/maintenance/manage_pricing.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/storage-unit-rental-management-system/SQL-4.md

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/online-employees-work-home-attendance-system/SQL-1.md

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_employee.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/online-employees-work-home-attendance-system/SQL-2.md

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_employee.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/online-employees-work-home-attendance-system/SQL-4.md

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/online-employees-work-home-attendance-system/SQL-3.md

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/online-employees-work-home-attendance-system/SQL-5.md

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution (RCE) via /scheduler/classes/SystemSettings.php?f=update_settings. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/patient-appointment-scheduler-system/RCE-1.md

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view_details.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/patient-appointment-scheduler-system/SQL-1.md

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/patient-appointment-scheduler-system/SQL-2.md

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/manage_storage_unit.php. More information : https://github.com/shininadd/cve_report/blob/main/sourcecodester/storage-unit-rental-management-system/SQL-3.md