Pet Management System
CVEs (230)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-40110 | Cri | 0.64 | 9.8 | 0.02 | Jul 12, 2024 | Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code Execution (RCE) vulnerability via the productimage parameter at /farm/product.php. | ||
| CVE-2024-34833 | Cri | 0.64 | 9.8 | 0.02 | Jun 17, 2024 | Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability… | ||
| CVE-2024-36779 | Cri | 0.64 | 9.8 | 0.01 | Jun 6, 2024 | Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php. | ||
| CVE-2024-36568 | Cri | 0.64 | 9.8 | 0.01 | Jun 3, 2024 | Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark/editbrand.php?id=. | ||
| CVE-2024-34919 | Cri | 0.64 | 9.8 | 0.01 | May 17, 2024 | An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file. | ||
| CVE-2024-28557 | Cri | 0.64 | 9.8 | 0.01 | Apr 15, 2024 | SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php. | ||
| CVE-2024-28556 | Cri | 0.64 | 9.8 | 0.01 | Apr 15, 2024 | SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php. | ||
| CVE-2024-31678 | Cri | 0.64 | 9.8 | 0.01 | Apr 11, 2024 | Sourcecodester Loan Management System v1.0 is vulnerable to SQL Injection via the "password" parameter in the "login.php" file. | ||
| CVE-2024-29303 | Cri | 0.64 | 9.8 | 0.01 | Mar 26, 2024 | The delete admin users function of SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection | ||
| CVE-2024-25239 | Cri | 0.64 | 9.8 | 0.01 | Mar 21, 2024 | SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POST request to /emloyee_akpoly/Account/login.php. | ||
| CVE-2023-30076 | Cri | 0.64 | 9.8 | 0.01 | Apr 20, 2023 | Sourcecodester Judging Management System v1.0 is vulnerable to SQL Injection via /php-jms/print_judges.php?print_judges.php=&se_name=&sub_event_id=. | ||
| CVE-2024-34226 | Cri | 0.61 | 9.4 | 0.01 | May 14, 2024 | SQL injection vulnerability in /php-sqlite-vms/?page=manage_visitor&id=1 in SourceCodester Visitor Management System 1.0 allow attackers to execute arbitrary SQL commands via the id parameters. | ||
| CVE-2024-33294 | Cri | 0.59 | 9.1 | 0.01 | May 6, 2024 | An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the _FAILE variable in the student_edit_photo.php component. | ||
| CVE-2026-9393 | Hig | 0.57 | 8.8 | 0.00 | May 24, 2026 | A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. The attack may be initiated remotely. The exploit has been made public… | ||
| CVE-2024-36569 | Hig | 0.53 | 8.1 | 0.01 | Jun 3, 2024 | Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php. | ||
| CVE-2022-4855 | Hig | 0.50 | 7.3 | 0.26 | Dec 30, 2022 | A vulnerability, which was classified as critical, was found in SourceCodester Lead Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The… | ||
| CVE-2024-29302 | Hig | 0.49 | 7.5 | 0.01 | Mar 26, 2024 | SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-employee.php. | ||
| CVE-2024-29301 | Hig | 0.49 | 7.5 | 0.01 | Mar 26, 2024 | SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?admin_id= | ||
| CVE-2025-1160 | Hig | 0.48 | 7.3 | 0.01 | Feb 10, 2025 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument username/password leads to use of default credentials. The… | ||
| CVE-2024-5774 | Hig | 0.48 | 7.3 | 0.01 | Jun 9, 2024 | A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql… |
- risk 0.64cvss 9.8epss 0.02
Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code Execution (RCE) vulnerability via the productimage parameter at /farm/product.php.
- risk 0.64cvss 9.8epss 0.02
Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability…
- risk 0.64cvss 9.8epss 0.01
Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php.
- risk 0.64cvss 9.8epss 0.01
Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark/editbrand.php?id=.
- risk 0.64cvss 9.8epss 0.01
An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file.
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php.
- risk 0.64cvss 9.8epss 0.01
Sourcecodester Loan Management System v1.0 is vulnerable to SQL Injection via the "password" parameter in the "login.php" file.
- risk 0.64cvss 9.8epss 0.01
The delete admin users function of SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POST request to /emloyee_akpoly/Account/login.php.
- risk 0.64cvss 9.8epss 0.01
Sourcecodester Judging Management System v1.0 is vulnerable to SQL Injection via /php-jms/print_judges.php?print_judges.php=&se_name=&sub_event_id=.
- risk 0.61cvss 9.4epss 0.01
SQL injection vulnerability in /php-sqlite-vms/?page=manage_visitor&id=1 in SourceCodester Visitor Management System 1.0 allow attackers to execute arbitrary SQL commands via the id parameters.
- risk 0.59cvss 9.1epss 0.01
An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the _FAILE variable in the student_edit_photo.php component.
- risk 0.57cvss 8.8epss 0.00
A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. The attack may be initiated remotely. The exploit has been made public…
- risk 0.53cvss 8.1epss 0.01
Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php.
- risk 0.50cvss 7.3epss 0.26
A vulnerability, which was classified as critical, was found in SourceCodester Lead Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The…
- risk 0.49cvss 7.5epss 0.01
SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-employee.php.
- risk 0.49cvss 7.5epss 0.01
SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?admin_id=
- risk 0.48cvss 7.3epss 0.01
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument username/password leads to use of default credentials. The…
- risk 0.48cvss 7.3epss 0.01
A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql…
Page 1 of 12