VYPR

Vendor CVEs

Codeastro

All CVEs

221 total · sorted by risk
  • CVE-2024-6042Jun 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in itsourcecode Real Estate Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file property-detail.php. The manipulation of the argument id leads to sql injection. The attack may be…

  • CVE-2024-5101May 19, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Simple Inventory System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file updateproduct.php. The manipulation of the argument ITEM leads to sql injection. The attack can be initiated remotely.…

  • CVE-2024-5100May 19, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Simple Inventory System 1.0. It has been classified as critical. This affects an unknown part of the file tableedit.php. The manipulation of the argument from/to leads to sql injection. It is possible to initiate the attack remotely.…

  • CVE-2024-5099May 19, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched…

  • CVE-2024-5098May 19, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been…

  • CVE-2024-5097May 19, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, was found in SourceCodester Simple Inventory System 1.0. Affected is an unknown function of the file /tableedit.php#page=editprice. The manipulation of the argument itemnumber leads to cross-site request forgery. It is…

  • CVE-2024-2351Mar 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument cat_id/brand_id/keyword leads to sql injection. The…

  • CVE-2024-2333Mar 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in CodeAstro Membership Management System 1.0. Affected is an unknown function of the file /add_members.php. The manipulation of the argument fullname leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2024-2149Mar 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file settings.php. The manipulation of the argument currency leads to sql injection. The attack can be initiated remotely. The exploit…

  • CVE-2024-25866Feb 28, 2024
    risk 0.00cvss epss 0.01

    A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL commands via the email parameter in the index.php component.

  • CVE-2024-25868Feb 28, 2024
    risk 0.00cvss epss 0.01

    A Cross Site Scripting (XSS) vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via the membershipType parameter in the add_type.php component.

  • CVE-2024-25867Feb 28, 2024
    risk 0.00cvss epss 0.01

    A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL commands via the membershipType and membershipAmount parameters in the add_type.php component.

  • CVE-2024-1924Feb 27, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /get_membership_amount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate…

  • CVE-2024-1823Feb 23, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in CodeAstro Simple Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file users.php of the component Backend. The manipulation leads to improper access controls. The attack can be launched…

  • CVE-2024-1819Feb 23, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. It is possible to initiate the…

  • CVE-2024-1818Feb 23, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro Membership Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /uploads/ of the component Logo Handler. The manipulation leads to unrestricted upload. The attack may be launched…

  • CVE-2024-1268Feb 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in CodeAstro Restaurant POS System 1.0. This affects an unknown part of the file update_product.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2024-1267Feb 7, 2024
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, has been found in CodeAstro Restaurant POS System 1.0. Affected by this issue is some unknown functionality of the file create_account.php. The manipulation of the argument Full Name leads to cross site scripting. The attack…

  • CVE-2024-1103Jan 31, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file profile.php of the component Feedback Form. The manipulation of the argument Your Feedback with the input…

  • CVE-2024-1031Jan 30, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in CodeAstro Expense Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file templates/5-Add-Expenses.php of the component Add Expenses Page. The manipulation of the argument item leads to cross…

  • CVE-2024-0958Jan 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro Stock Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /index.php of the component Add Category Handler. The manipulation of the argument Category Name/Category Description leads to…

  • CVE-2024-0782Jan 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file pass-profile.php. The manipulation of the argument First Name/Last Name/User Name leads to cross site scripting.…

  • CVE-2024-0781Jan 22, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_client_signup.php. The manipulation of the argument Client Full Name with the input <meta http-equiv="refresh" content="0;…

  • CVE-2024-0773Jan 21, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0. Affected by this vulnerability is an unknown functionality of the file pages_client_signup.php. The manipulation of the argument Client Full Name leads to cross site scripting. The…

  • CVE-2024-0543Jan 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in CodeAstro Real Estate Management System up to 1.0. This affects an unknown part of the file propertydetail.php. The manipulation of the argument pid leads to sql injection. It is possible to initiate the attack remotely.…

  • CVE-2024-0424Jan 11, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack…

  • CVE-2024-0423Jan 11, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro Online Food Ordering System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file dishes.php. The manipulation of the argument res_id leads to cross site scripting. The attack may be…

  • CVE-2024-0346Jan 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in CodeAstro Vehicle Booking System 1.0 and classified as problematic. This vulnerability affects unknown code of the file usr/user-give-feedback.php of the component Feedback Page. The manipulation of the argument My Testemonial leads to cross…

  • CVE-2024-0345Jan 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, was found in CodeAstro Vehicle Booking System 1.0. This affects an unknown part of the file usr/usr-register.php of the component User Registration. The manipulation of the argument Full_Name/Last_Name/Address with the input…

  • CVE-2024-0247Jan 5, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in CodeAstro Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /admin/ of the component Admin Panel. The manipulation of the argument Username leads to sql injection. The attack can be initiated…

  • CVE-2024-0194Jan 2, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in CodeAstro Internet Banking System up to 1.0. This issue affects some unknown processing of the file pages_account.php of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The…

  • CVE-2023-48689Dec 21, 2023
    risk 0.00cvss epss 0.01

    Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'byname' parameter of the train.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-48687Dec 21, 2023
    risk 0.00cvss epss 0.01

    Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'from' parameter of the reservation.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-48685Dec 21, 2023
    risk 0.00cvss epss 0.01

    Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'psd' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-5796Oct 26, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro POS System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /setting of the component Logo Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The…

  • CVE-2023-5795Oct 26, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro POS System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profil of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack can be…

  • CVE-2023-5699Oct 22, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in CodeAstro Internet Banking System 1.0. This issue affects some unknown processing of the file pages_view_client.php. The manipulation of the argument acc_name with the input Johnnie Reyes'"()&%<ScRiPt…

  • CVE-2023-5698Oct 22, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0. This vulnerability affects unknown code of the file pages_deposit_money.php. The manipulation of the argument account_number with the input 421873905--><!-…

  • CVE-2023-5697Oct 22, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_withdraw_money.php. The manipulation of the argument account_number with the input 287359614--><!--…

  • CVE-2023-5696Oct 22, 2023
    risk 0.00cvss epss 0.00

    A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file pages_transfer_money.php. The manipulation of the argument account_number with the input…

  • CVE-2023-5695Oct 22, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file pages_reset_pwd.php. The manipulation of the argument email with the input…

  • CVE-2023-5694Oct 22, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been classified as problematic. Affected is an unknown function of the file pages_system_settings.php. The manipulation of the argument sys_name with the input leads to cross…

  • CVE-2023-5693Oct 22, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. This issue affects some unknown processing of the file pages_reset_pwd.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2023-44174Sep 28, 2023
    risk 0.00cvss epss 0.00

    Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability.

  • CVE-2022-45990Dec 5, 2022
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the component /signup_script.php of Ecommerce-Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter.

  • CVE-2022-2688Aug 6, 2022
    risk 0.00cvss epss 0.00

    A vulnerability was found in SourceCodester Expense Management System. It has been rated as critical. This issue affects the function fetch_report_credit of the file report.php of the component POST Parameter Handler. The manipulation of the argument from/to leads to sql…

  • CVE-2022-33061Jun 29, 2022
    risk 0.00cvss epss 0.01

    Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_service.

  • CVE-2022-33060Jun 29, 2022
    risk 0.00cvss epss 0.01

    Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule.

  • CVE-2022-33059Jun 29, 2022
    risk 0.00cvss epss 0.01

    Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_train.

  • CVE-2022-33058Jun 29, 2022
    risk 0.00cvss epss 0.01

    Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_message.

Page 4 of 5