VYPR

Vendor CVEs

Carmelo

All CVEs

165 total · sorted by risk
  • CVE-2023-5272Sep 29, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. This affects an unknown part of the file edit_parcel.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The exploit…

  • CVE-2023-5271Sep 29, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_parcel.php. The manipulation of the argument email leads to sql injection. The exploit has been…

  • CVE-2023-5270Sep 29, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_parcel.php. The manipulation of the argument id leads to sql injection. The exploit has…

  • CVE-2022-2683Aug 5, 2022
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, was found in SourceCodester Simple Food Ordering System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument email/password with the input "> leads to cross site…

  • CVE-2022-32405Jun 24, 2022
    risk 0.00cvss epss 0.01

    Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/view_prison.php:4

  • CVE-2022-32403Jun 24, 2022
    risk 0.00cvss epss 0.01

    Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manage_record.php:4

  • CVE-2022-32402Jun 24, 2022
    risk 0.00cvss epss 0.01

    Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/manage_prison.php:4

  • CVE-2022-32399Jun 24, 2022
    risk 0.00cvss epss 0.01

    Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/crimes/view_crime.php:4

  • CVE-2022-32398Jun 24, 2022
    risk 0.00cvss epss 0.01

    Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/cells/manage_cell.php:4

  • CVE-2022-32397Jun 24, 2022
    risk 0.00cvss epss 0.01

    Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/visits/view_visit.php:4

  • CVE-2022-32392Jun 24, 2022
    risk 0.00cvss epss 0.01

    Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/actions/manage_action.php:4

  • CVE-2022-32391Jun 24, 2022
    risk 0.00cvss epss 0.01

    Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/actions/view_action.php:4

  • CVE-2020-29287Dec 2, 2020
    risk 0.00cvss epss 0.03

    An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php.

  • CVE-2020-23832Oct 6, 2020
    risk 0.00cvss epss 0.02

    A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin login.

  • CVE-2020-24199Sep 9, 2020
    risk 0.00cvss epss 0.04

    Arbitrary File Upload in the Vehicle Image Upload component in Project Worlds Car Rental Management System v1.0 allows attackers to conduct remote code execution.

Page 4 of 4