CVE

A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add New parameter under the New Buy section.

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.

There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0.

** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in nikooo777 ckSurf up to 1.19.2. It has been declared as problematic. This vulnerability affects the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The manipulation of the argument cleanName leads to denial of service. Upgrading to version 1.21.0 is able to address this issue. The name of the patch is fd6318d99083a06363091441a0614bd2f21068e6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-238156. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to version 0.2 is able to address this issue. The identifier of the patch is 850c726d6bbfe0bf270801fbb92a30babea4155c. It is recommended to upgrade the affected component. The identifier VDB-238157 was assigned to this vulnerability.

User enumeration is found in PHP Jabbers Car Rental Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

User enumeration is found in PHPJabbers Taxi Booking Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

User enumeration is found in PHP Jabbers Restaurant Booking Script v3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.