Vendor CVEs
Angeljudesuarez
All CVEs
221 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-3492 | 0.00 | — | 0.01 | Oct 13, 2022 | A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. This vulnerability affects unknown code of the component Profile Photo Handler. The manipulation of the argument parameter leads to os command injection. The attack can be… | |||
| CVE-2022-3473 | 0.00 | — | 0.01 | Oct 12, 2022 | A vulnerability classified as critical has been found in SourceCodester Human Resource Management System. This affects an unknown part of the file getstatecity.php. The manipulation of the argument ci leads to sql injection. It is possible to initiate the attack remotely. The… | |||
| CVE-2022-3470 | 0.00 | — | 0.00 | Oct 12, 2022 | A vulnerability was found in SourceCodester Human Resource Management System. It has been classified as critical. Affected is an unknown function of the file getstatecity.php. The manipulation of the argument sc leads to sql injection. It is possible to launch the attack… | |||
| CVE-2022-3471 | 0.00 | — | 0.00 | Oct 12, 2022 | A vulnerability was found in SourceCodester Human Resource Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file city.php. The manipulation of the argument searccity leads to sql injection. The attack can be… | |||
| CVE-2022-3458 | 0.00 | — | 0.00 | Oct 12, 2022 | A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted… | |||
| CVE-2022-3472 | 0.00 | — | 0.00 | Oct 12, 2022 | A vulnerability was found in SourceCodester Human Resource Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file city.php. The manipulation of the argument cityedit leads to sql injection. The attack may be launched… | |||
| CVE-2022-29998 | 0.00 | — | 0.01 | May 12, 2022 | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=. | |||
| CVE-2022-29999 | 0.00 | — | 0.01 | May 12, 2022 | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=. | |||
| CVE-2022-30001 | 0.00 | — | 0.01 | May 12, 2022 | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=. | |||
| CVE-2022-30002 | 0.00 | — | 0.01 | May 12, 2022 | Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=. | |||
| CVE-2021-46307 | 0.00 | — | 0.02 | Jan 21, 2022 | An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php. | |||
| CVE-2021-25204 | 0.00 | — | 0.01 | Jul 23, 2021 | Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php. | |||
| CVE-2021-25207 | 0.00 | — | 0.02 | Jul 23, 2021 | Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php. | |||
| CVE-2021-25205 | 0.00 | — | 0.01 | Jul 22, 2021 | SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php . | |||
| CVE-2020-26006 | 0.00 | — | 0.01 | May 24, 2021 | Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting (XSS) via account.php. | |||
| CVE-2020-25411 | 0.00 | — | 0.01 | May 24, 2021 | Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user. | |||
| CVE-2020-29205 | 0.00 | — | 0.02 | May 17, 2021 | XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field | |||
| CVE-2020-29258 | 0.00 | — | 0.01 | Dec 9, 2020 | Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the w parameter to index.php. | |||
| CVE-2020-25955 | 0.00 | — | 0.01 | Dec 8, 2020 | SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored a cross-site scripting (XSS) via the 'add subject' tab. | |||
| CVE-2015-2207 | 0.00 | — | 0.01 | Feb 8, 2020 | Multiple cross-site scripting (XSS) vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to inject arbitrary web script or HTML via the (1) ctrl, (2) t90001_0_theform_selection, (3) _scroll, (4) tableName, (5) parent, (6) circuit,… | |||
| CVE-2015-3423 | 0.00 | — | 0.02 | Feb 8, 2020 | Multiple SQL injection vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) ctrl, (2) h____%2427, (3) h____%2439, (4) param0, (5) param1, (6) param2, (7) param3, (8) param4, (9)… |
- CVE-2022-3492Oct 13, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. This vulnerability affects unknown code of the component Profile Photo Handler. The manipulation of the argument parameter leads to os command injection. The attack can be…
- CVE-2022-3473Oct 12, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Human Resource Management System. This affects an unknown part of the file getstatecity.php. The manipulation of the argument ci leads to sql injection. It is possible to initiate the attack remotely. The…
- CVE-2022-3470Oct 12, 2022risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Human Resource Management System. It has been classified as critical. Affected is an unknown function of the file getstatecity.php. The manipulation of the argument sc leads to sql injection. It is possible to launch the attack…
- CVE-2022-3471Oct 12, 2022risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Human Resource Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file city.php. The manipulation of the argument searccity leads to sql injection. The attack can be…
- CVE-2022-3458Oct 12, 2022risk 0.00cvss —epss 0.00
A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted…
- CVE-2022-3472Oct 12, 2022risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Human Resource Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file city.php. The manipulation of the argument cityedit leads to sql injection. The attack may be launched…
- CVE-2022-29998May 12, 2022risk 0.00cvss —epss 0.01
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=.
- CVE-2022-29999May 12, 2022risk 0.00cvss —epss 0.01
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=.
- CVE-2022-30001May 12, 2022risk 0.00cvss —epss 0.01
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=.
- CVE-2022-30002May 12, 2022risk 0.00cvss —epss 0.01
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=.
- CVE-2021-46307Jan 21, 2022risk 0.00cvss —epss 0.02
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php.
- CVE-2021-25204Jul 23, 2021risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php.
- CVE-2021-25207Jul 23, 2021risk 0.00cvss —epss 0.02
Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.
- CVE-2021-25205Jul 22, 2021risk 0.00cvss —epss 0.01
SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .
- CVE-2020-26006May 24, 2021risk 0.00cvss —epss 0.01
Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting (XSS) via account.php.
- CVE-2020-25411May 24, 2021risk 0.00cvss —epss 0.01
Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user.
- CVE-2020-29205May 17, 2021risk 0.00cvss —epss 0.02
XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field
- CVE-2020-29258Dec 9, 2020risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the w parameter to index.php.
- CVE-2020-25955Dec 8, 2020risk 0.00cvss —epss 0.01
SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored a cross-site scripting (XSS) via the 'add subject' tab.
- CVE-2015-2207Feb 8, 2020risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to inject arbitrary web script or HTML via the (1) ctrl, (2) t90001_0_theform_selection, (3) _scroll, (4) tableName, (5) parent, (6) circuit,…
- CVE-2015-3423Feb 8, 2020risk 0.00cvss —epss 0.02
Multiple SQL injection vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) ctrl, (2) h____%2427, (3) h____%2439, (4) param0, (5) param1, (6) param2, (7) param3, (8) param4, (9)…
Page 5 of 5