Lost and Found Information System
CVEs (25)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-37859 | 0.00 | — | 0.00 | Jul 29, 2024 | Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the page parameter to php-lfis/admin/index.php. | |||
| CVE-2024-37856 | 0.00 | — | 0.00 | Jul 29, 2024 | Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the first, last, middle name fields in the User Profile page. | |||
| CVE-2024-37858 | 0.00 | — | 0.00 | Jul 29, 2024 | SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/manage_category.php. | |||
| CVE-2024-37857 | 0.00 | — | 0.00 | Jul 29, 2024 | SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via id parameter to php-lfis/admin/categories/view_category.php. | |||
| CVE-2023-33676 | 0.00 | — | 0.00 | Mar 7, 2024 | Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*" which can be escalated to the remote command execution. | |||
| CVE-2023-33677 | 0.00 | — | 0.00 | Mar 6, 2024 | Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*". | |||
| CVE-2023-5018 | 0.00 | — | 0.00 | Sep 17, 2023 | A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=save_category of the component POST Parameter Handler. The manipulation of the argument id leads to sql… | |||
| CVE-2023-36159 | 0.00 | — | 0.00 | Aug 3, 2023 | Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page. | |||
| CVE-2023-3850 | 0.00 | — | 0.00 | Jul 23, 2023 | A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_category of the component HTTP POST Request Handler. The… | |||
| CVE-2023-3680 | 0.00 | — | 0.00 | Jul 15, 2023 | A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=save_item of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql… | |||
| CVE-2023-3679 | 0.00 | — | 0.00 | Jul 15, 2023 | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_inquiry of the component HTTP POST Request Handler. The manipulation of… | |||
| CVE-2023-3177 | 0.00 | — | 0.00 | Jun 9, 2023 | A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin\inquiries\view_inquiry.php. The manipulation leads to sql injection. The attack can be… | |||
| CVE-2023-3176 | 0.00 | — | 0.00 | Jun 9, 2023 | A vulnerability, which was classified as critical, was found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file admin\user\manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the… | |||
| CVE-2023-3018 | 0.00 | — | 0.00 | May 31, 2023 | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/?page=user/list. The manipulation leads to improper access controls. The attack can be initiated… | |||
| CVE-2023-3017 | 0.00 | — | 0.00 | May 31, 2023 | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as problematic. This affects an unknown part of the file admin/?page=user/manage_user of the component Manage User Page. The manipulation of the argument First Name/Middle… | |||
| CVE-2023-2699 | 0.00 | — | 0.00 | May 14, 2023 | A vulnerability, which was classified as critical, has been found in SourceCodester Lost and Found Information System 1.0. Affected by this issue is some unknown functionality of the file admin/?page=items/view_item of the component GET Parameter Handler. The manipulation of the… | |||
| CVE-2023-2698 | 0.00 | — | 0.00 | May 14, 2023 | A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=items/manage_item of the component GET Parameter Handler. The manipulation of the argument… | |||
| CVE-2023-2672 | 0.00 | — | 0.00 | May 12, 2023 | A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is… | |||
| CVE-2023-2671 | 0.00 | — | 0.00 | May 12, 2023 | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=save_inquiry of the component Contact Form. The manipulation of the argument… | |||
| CVE-2023-2670 | 0.00 | — | 0.00 | May 12, 2023 | A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated… |
- CVE-2024-37859Jul 29, 2024risk 0.00cvss —epss 0.00
Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the page parameter to php-lfis/admin/index.php.
- CVE-2024-37856Jul 29, 2024risk 0.00cvss —epss 0.00
Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the first, last, middle name fields in the User Profile page.
- CVE-2024-37858Jul 29, 2024risk 0.00cvss —epss 0.00
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/manage_category.php.
- CVE-2024-37857Jul 29, 2024risk 0.00cvss —epss 0.00
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via id parameter to php-lfis/admin/categories/view_category.php.
- CVE-2023-33676Mar 7, 2024risk 0.00cvss —epss 0.00
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*" which can be escalated to the remote command execution.
- CVE-2023-33677Mar 6, 2024risk 0.00cvss —epss 0.00
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*".
- CVE-2023-5018Sep 17, 2023risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=save_category of the component POST Parameter Handler. The manipulation of the argument id leads to sql…
- CVE-2023-36159Aug 3, 2023risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page.
- CVE-2023-3850Jul 23, 2023risk 0.00cvss —epss 0.00
A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_category of the component HTTP POST Request Handler. The…
- CVE-2023-3680Jul 15, 2023risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=save_item of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql…
- CVE-2023-3679Jul 15, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_inquiry of the component HTTP POST Request Handler. The manipulation of…
- CVE-2023-3177Jun 9, 2023risk 0.00cvss —epss 0.00
A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin\inquiries\view_inquiry.php. The manipulation leads to sql injection. The attack can be…
- CVE-2023-3176Jun 9, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, was found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file admin\user\manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the…
- CVE-2023-3018May 31, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/?page=user/list. The manipulation leads to improper access controls. The attack can be initiated…
- CVE-2023-3017May 31, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as problematic. This affects an unknown part of the file admin/?page=user/manage_user of the component Manage User Page. The manipulation of the argument First Name/Middle…
- CVE-2023-2699May 14, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in SourceCodester Lost and Found Information System 1.0. Affected by this issue is some unknown functionality of the file admin/?page=items/view_item of the component GET Parameter Handler. The manipulation of the…
- CVE-2023-2698May 14, 2023risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=items/manage_item of the component GET Parameter Handler. The manipulation of the argument…
- CVE-2023-2672May 12, 2023risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is…
- CVE-2023-2671May 12, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=save_inquiry of the component Contact Form. The manipulation of the argument…
- CVE-2023-2670May 12, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated…
Page 1 of 2