#windows

A cross-site scripting (XSS) vulnerability in File Management Project 1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module.

SourceCodester Water Billing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the lastname text box under the Add Client module.

Suprema BioStar 2 version 2.8.16 suffers from a remote SQL injection vulnerability.

WebTareas version 2.4 suffers from a remote blind SQL injection vulnerability. Original discovery of this issue in this version is attributed to Behrad Taher in May of 2022. Related CVE number: CVE-2021-43481.

WebTareas version 2.4 suffers from multiple cross site scripting vulnerabilities.

WebTareas version 2.4 suffers from a remote shell upload vulnerability.

Tftpd32_SE version 4.60 suffers from an unquoted service path vulnerability.

Rental House Management System version 1.0 suffers from a cross site scripting vulnerability.

WPN-XM Serverstack for Windows version 0.8.6 suffers from cross site scripting, local file inclusion, and path traversal vulnerabilities.

Atom CMS version 2.0 suffers from a remote SQL injection vulnerability. Original discovery of this issue in this version is attributed to Luca Cuzzolin in February of 2022.