enferas

References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20962

In the controller Controllers/CrudController.php

public function show($id){
    //...
    // set columns from db
    $this->crud->setFromDb();
    //..
    // get the info for that entry

enferas

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15489

<input type="text" name="q" class="form-control" placeholder="Search..." value="{!! request()->input('q') !!}">

The sanitization

<input type="text" name="q" class="form-control" placeholder="Search..." value="{{ request()->input('q') }}">

enferas

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27371

In AuditLogController in Controllers\Settings\AuditLogController.php

class AuditLogController extends Controller
{
    /**
     * Display the page listing all the audit logs.
     */
    public function index()

enferas

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41938

In file extensions\tags\src\Content\Tag.php

public function __invoke(Document $document, Request $request){
    //...
    $tag = $this->tags->findOrFail($tagId, $actor);
    //...

enferas

Link: https://github.com/RamonSilva20/mapos

Multiple XSS vulnerabilities.

For example,

'telefone' is saved in the DB, then it is retrieved and printed in the view.

In file mapos-master\application\controllers\Clientes.php

enferas

CVE-2023-23017 is assigned

Link: https://github.com/MUlt1mate/cron-manager

XSS vulnerability with date_begin and date_end.

In file cron-manager-master\examples\codeigniter\application\controllers\TasksController.php

public function tasksReport()

enferas

CVE-2023-23018 is assigned

Link: https://github.com/amirsanni/Mini-Inventory-and-Sales-Management-System

Multiple XSS vulnerabilities.

For example,

In file Mini-Inventory-and-Sales-Management-System-master\application\views\email\memberupdate.php

enferas

CVE-2023-23016 is assigned

Link: https://github.com/Wscats/cms

Many XSS vulnerabilities.

For example,

The injection through the news title. The source will be inserted in the DB, then it will be passed from the DB to the view.

enferas

CVE-2023-23015 is assigned

Link: https://github.com/kalkun-sms/Kalkun

XSS vulnerability with the user name.

We see that the username will be setted in the DB without sanitization in file Kalkun-devel\application\models\User_model.php

$this->db->set('username', trim($this->input->post('username')));

enferas

CVE-2023-23014 is assigned

Link: https://github.com/ronknight/InventorySystem

Mutiple XSS vulnerabilities.

For example,

In file InventorySystem-master\application\controllers\Stores.php in update function