Online Accreditation Management System
by Itsourcecode
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-42918 | 0.00 | — | 0.00 | Aug 23, 2024 | itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php. | |||
| CVE-2023-34486 | 0.00 | — | 0.01 | Jun 29, 2023 | itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to Cross Site Scripting (XSS). Remote code execution can be achieved by entering malicious code in the date selection box. | |||
| CVE-2023-34487 | 0.00 | — | 0.01 | Jun 29, 2023 | itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection. SQL injection points exist in the login password input box. This vulnerability can be exploited through time-based blind injection. | |||
| CVE-2022-32056 | 0.00 | — | 0.01 | Jul 7, 2022 | Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php. |
- CVE-2024-42918Aug 23, 2024risk 0.00cvss —epss 0.00
itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php.
- CVE-2023-34486Jun 29, 2023risk 0.00cvss —epss 0.01
itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to Cross Site Scripting (XSS). Remote code execution can be achieved by entering malicious code in the date selection box.
- CVE-2023-34487Jun 29, 2023risk 0.00cvss —epss 0.01
itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection. SQL injection points exist in the login password input box. This vulnerability can be exploited through time-based blind injection.
- CVE-2022-32056Jul 7, 2022risk 0.00cvss —epss 0.01
Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php.