VYPR

Vendor CVEs

Angeljudesuarez

All CVEs

221 total · sorted by risk
  • CVE-2022-3492Oct 13, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. This vulnerability affects unknown code of the component Profile Photo Handler. The manipulation of the argument parameter leads to os command injection. The attack can be…

  • CVE-2022-3473Oct 12, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Human Resource Management System. This affects an unknown part of the file getstatecity.php. The manipulation of the argument ci leads to sql injection. It is possible to initiate the attack remotely. The…

  • CVE-2022-3470Oct 12, 2022
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Human Resource Management System. It has been classified as critical. Affected is an unknown function of the file getstatecity.php. The manipulation of the argument sc leads to sql injection. It is possible to launch the attack…

  • CVE-2022-3471Oct 12, 2022
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Human Resource Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file city.php. The manipulation of the argument searccity leads to sql injection. The attack can be…

  • CVE-2022-3458Oct 12, 2022
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted…

  • CVE-2022-3472Oct 12, 2022
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Human Resource Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file city.php. The manipulation of the argument cityedit leads to sql injection. The attack may be launched…

  • CVE-2022-29998May 12, 2022
    risk 0.00cvss epss 0.01

    Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=.

  • CVE-2022-29999May 12, 2022
    risk 0.00cvss epss 0.01

    Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=.

  • CVE-2022-30001May 12, 2022
    risk 0.00cvss epss 0.01

    Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=.

  • CVE-2022-30002May 12, 2022
    risk 0.00cvss epss 0.01

    Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=.

  • CVE-2021-46307Jan 21, 2022
    risk 0.00cvss epss 0.02

    An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php.

  • CVE-2021-25204Jul 23, 2021
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php.

  • CVE-2021-25207Jul 23, 2021
    risk 0.00cvss epss 0.02

    Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.

  • CVE-2021-25205Jul 22, 2021
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .

  • CVE-2020-26006May 24, 2021
    risk 0.00cvss epss 0.01

    Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting (XSS) via account.php.

  • CVE-2020-25411May 24, 2021
    risk 0.00cvss epss 0.01

    Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user.

  • CVE-2020-29205May 17, 2021
    risk 0.00cvss epss 0.02

    XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field

  • CVE-2020-29258Dec 9, 2020
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the w parameter to index.php.

  • CVE-2020-25955Dec 8, 2020
    risk 0.00cvss epss 0.01

    SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored a cross-site scripting (XSS) via the 'add subject' tab.

  • CVE-2015-2207Feb 8, 2020
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to inject arbitrary web script or HTML via the (1) ctrl, (2) t90001_0_theform_selection, (3) _scroll, (4) tableName, (5) parent, (6) circuit,…

  • CVE-2015-3423Feb 8, 2020
    risk 0.00cvss epss 0.02

    Multiple SQL injection vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) ctrl, (2) h____%2427, (3) h____%2439, (4) param0, (5) param1, (6) param2, (7) param3, (8) param4, (9)…

Page 5 of 5