Produkt Visitor management system in php (...) - CVEMAP.ORG

Podatności dla
'Visitor management system in php'

2020-09-30

CVE-2020-25761

CWE-79

Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject javascript payloads in the parameters to perform various attacks such as stealing of cookies,sensitive information etc.

CVE-2020-25760

CWE-89

Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database.

>>> Vendor: Projectworlds 13 Produkty

Hospital management system in php

Official car rental system

House rental and property listing project

Car rental project

Visitor management system in php

Online examination system

Online matrimonial project

Online book store project in php

Travel management system

Online shopping system in php

Online-shopping-webvsite-in-php

Online movie ticket booking system

Copyright 2024, cxsecurity.com