#webkit

Ubuntu Security Notice 5893-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /APR/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221795.

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /APR/signup.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221794 is the identifier assigned to this vulnerability.

A vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive Tourism Website 1.0. This affects an unknown part of the file /tourism/rate_review.php. The manipulation of the argument id with the input 1"><script>alert(1111)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221799.

Music Gallery Site version 1.0 suffers from multiple remote SQL injection vulnerabilities.

Music Gallery Site version 1.0 suffers from a missing authentication vulnerability that allows for privilege escalation.

Employee Task Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

Employee Task Management System version 1.0 suffers from a privilege escalation vulnerability due to a broken access control where a lower privileged user's cookie can be leveraged to takeover an administrative account.

Auto Dealer Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

Auto Dealer Management System version 1.0 suffers from a privilege escalation vulnerability due to a broken access control where a lower privileged user's cookie can be leveraged to takeover an administrative account.