Vendor CVEs
Itsourcecode
All CVEs
463 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-5660 | Med | 0.41 | 6.3 | 0.00 | Apr 6, 2026 | A vulnerability was determined in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /borrowed_equip.php of the component Parameter Handler. This manipulation of the argument emp causes sql injection. The attack may be… | ||
| CVE-2026-5553 | Med | 0.41 | 6.3 | 0.00 | Apr 5, 2026 | A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler. Such manipulation of the argument Name leads to sql injection. The attack can… | ||
| CVE-2026-4966 | Med | 0.41 | 6.3 | 0.00 | Mar 27, 2026 | A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. Impacted is an unknown function of the file /admin/mod_room/index.php?view=edit. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has… | ||
| CVE-2026-4876 | Med | 0.41 | 6.3 | 0.00 | Mar 26, 2026 | A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/mod_amenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from… | ||
| CVE-2026-4783 | Med | 0.41 | 6.3 | 0.00 | Mar 25, 2026 | A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument course_code leads to sql injection. It… | ||
| CVE-2026-4614 | Med | 0.41 | 6.3 | 0.00 | Mar 24, 2026 | A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This manipulation of the argument subject_code causes sql injection. The attack is… | ||
| CVE-2026-4485 | Med | 0.41 | 6.3 | 0.00 | Mar 20, 2026 | A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/search_student.php. The manipulation of the argument Search leads to sql injection. The attack is possible to be carried out remotely. The… | ||
| CVE-2026-4472 | Med | 0.41 | 6.3 | 0.00 | Mar 20, 2026 | A security vulnerability has been detected in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /admin/admin_edit_supplier.php. The manipulation of the argument Supplier_Name leads to sql injection. The attack can be… | ||
| CVE-2026-4241 | Med | 0.41 | 6.3 | 0.00 | Mar 16, 2026 | A vulnerability was identified in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/time-table.php. Such manipulation of the argument course_code leads to sql injection. The attack can be launched remotely. The exploit is… | ||
| CVE-2026-3767 | Med | 0.41 | 6.3 | 0.00 | Mar 8, 2026 | A weakness has been identified in itsourcecode sanitize or validate this input 1.0. Affected is an unknown function of the file /admin/teacher-attendance.php. Executing a manipulation of the argument teacher_id can lead to sql injection. The attack may be launched remotely. The… | ||
| CVE-2026-3149 | Med | 0.41 | 6.3 | 0.00 | Feb 25, 2026 | A weakness has been identified in itsourcecode College Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/asign-single-student-subjects.php. Executing a manipulation of the argument course_code can lead to sql injection. The attack can… | ||
| CVE-2026-1551 | Med | 0.41 | 6.3 | 0.00 | Jan 29, 2026 | A weakness has been identified in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/course/controller.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been… | ||
| CVE-2026-1118 | Med | 0.41 | 6.3 | 0.00 | Jan 18, 2026 | A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/add_activity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit… | ||
| CVE-2026-0582 | Med | 0.41 | 6.3 | 0.00 | Jan 5, 2026 | A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/edit_activity_query.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly… | ||
| CVE-2025-14214 | Med | 0.41 | 6.3 | 0.00 | Dec 8, 2025 | A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /section_edit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed… | ||
| CVE-2025-13581 | Med | 0.41 | 6.3 | 0.00 | Nov 24, 2025 | A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /schedule_edit1.php. Such manipulation of the argument schedule_id leads to sql injection. The attack may be launched remotely.… | ||
| CVE-2025-13570 | Med | 0.41 | 6.3 | 0.00 | Nov 23, 2025 | A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=state. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit… | ||
| CVE-2025-13569 | Med | 0.41 | 6.3 | 0.00 | Nov 23, 2025 | A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/?page=city. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public… | ||
| CVE-2025-13568 | Med | 0.41 | 6.3 | 0.00 | Nov 23, 2025 | A flaw has been found in itsourcecode COVID Tracking System 1.0. This impacts an unknown function of the file /admin/?page=people. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. | ||
| CVE-2025-13567 | Med | 0.41 | 6.3 | 0.00 | Nov 23, 2025 | A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This affects an unknown function of the file /admin/?page=establishment. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit is now public… | ||
| CVE-2025-13325 | Med | 0.41 | 6.3 | 0.00 | Nov 18, 2025 | A vulnerability was determined in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /enrollment_edit1.php. Executing manipulation of the argument en_id can lead to sql injection. The attack may be performed from remote. The… | ||
| CVE-2025-13236 | Med | 0.41 | 6.3 | 0.00 | Nov 16, 2025 | A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is… | ||
| CVE-2025-13234 | Med | 0.41 | 6.3 | 0.00 | Nov 16, 2025 | A vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=product. Performing manipulation of the argument PROID results in sql injection. It is possible to initiate the attack remotely. The… | ||
| CVE-2025-10613 | Med | 0.41 | 6.3 | 0.00 | Sep 17, 2025 | A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument level_id leads to sql injection. The attack may be performed from remote. The exploit has… | ||
| CVE-2025-9840 | Med | 0.41 | 6.3 | 0.00 | Sep 2, 2025 | A weakness has been identified in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/gametype.php. Executing manipulation of the argument code can lead to sql injection. The attack can be executed remotely. The exploit has… | ||
| CVE-2025-9417 | Med | 0.41 | 6.3 | 0.00 | Aug 25, 2025 | A weakness has been identified in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /employee/addemployee.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The… | ||
| CVE-2025-8172 | Med | 0.41 | 6.3 | 0.00 | Jul 25, 2025 | A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack… | ||
| CVE-2025-7126 | Med | 0.41 | 6.3 | 0.00 | Jul 7, 2025 | A vulnerability, which was classified as critical, has been found in itsourcecode Employee Management System up to 1.0. Affected by this issue is some unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql injection.… | ||
| CVE-2025-7125 | Med | 0.41 | 6.3 | 0.00 | Jul 7, 2025 | A vulnerability classified as critical was found in itsourcecode Employee Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/editempeducation.php. The manipulation of the argument coursepg leads to sql injection. The attack… | ||
| CVE-2021-44197 | Med | 0.40 | 6.1 | 0.00 | Mar 7, 2023 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in UBIT Information Technologies Student Information Management System. This issue affects Student Information Management System: before 20211126. | ||
| CVE-2021-44196 | Med | 0.40 | 6.1 | 0.00 | Mar 7, 2023 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in UBIT Information Technologies Student Information Management System. This issue affects Student Information Management System: before 20211126. | ||
| CVE-2025-14000 | Med | 0.35 | 6.4 | 0.00 | Dec 23, 2025 | The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'register_form' and 'restrict' shortcodes in all versions up to, and including, 3.2.15 due to insufficient input sanitization and output escaping on user… | ||
| CVE-2026-22191 | Med | 0.34 | 5.2 | 0.00 | Mar 13, 2026 | Beghelli Sicuro24 SicuroWeb contains a template injection vulnerability that allows attackers to inject arbitrary AngularJS expressions by exploiting improper rendering of untrusted input in AngularJS template contexts. Attackers can inject malicious expressions that are… | ||
| CVE-2026-7612 | Med | 0.31 | 4.7 | 0.00 | May 2, 2026 | A vulnerability was determined in itsourcecode Courier Management System 1.0. Affected is an unknown function of the file /edit_user.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly… | ||
| CVE-2026-4875 | Med | 0.31 | 4.7 | 0.00 | Mar 26, 2026 | A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/mod_amenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be… | ||
| CVE-2026-4471 | Med | 0.31 | 4.7 | 0.00 | Mar 20, 2026 | A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admin_edit_employee.php. Executing a manipulation of the argument First_Name can lead to sql injection. It is possible to launch the attack… | ||
| CVE-2026-4470 | Med | 0.31 | 4.7 | 0.00 | Mar 20, 2026 | A security flaw has been discovered in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_edit_menu.php. Performing a manipulation of the argument product_name results in sql injection. It is… | ||
| CVE-2026-4469 | Med | 0.31 | 4.7 | 0.00 | Mar 20, 2026 | A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_edit_menu_action.php. Such manipulation of the argument product_name leads to sql injection. The attack may… | ||
| CVE-2026-4238 | Med | 0.31 | 4.7 | 0.00 | Mar 16, 2026 | A vulnerability has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/courses.php. The manipulation of the argument course_code leads to sql injection. It is possible to initiate the attack remotely. The… | ||
| CVE-2026-3487 | Med | 0.31 | 4.7 | 0.00 | Mar 3, 2026 | A vulnerability was found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/class-result.php. Performing a manipulation of the argument course_code results in sql injection. The attack can be initiated remotely. The… | ||
| CVE-2026-3486 | Med | 0.31 | 4.7 | 0.00 | Mar 3, 2026 | A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument roll_no leads to sql injection. It is possible to launch the attack remotely. The exploit… | ||
| CVE-2025-13210 | Med | 0.31 | 4.7 | 0.00 | Nov 15, 2025 | A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=add. Such manipulation of the argument PROMODEL leads to sql injection. The attack may be performed from… | ||
| CVE-2025-7127 | Med | 0.31 | 4.7 | 0.00 | Jul 7, 2025 | A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System up to 1.0. This affects an unknown part of the file /admin/changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to… | ||
| CVE-2025-6610 | Med | 0.31 | 4.7 | 0.00 | Jun 25, 2025 | A vulnerability was found in itsourcecode Employee Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file /admin/editempprofile.php. The manipulation of the argument FirstName leads to sql injection. It is possible to initiate… | ||
| CVE-2026-2817 | Med | 0.29 | 4.4 | 0.00 | Feb 19, 2026 | Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, permissive directories under the system temp location. On shared hosts, a local user with basic privileges can access another user’s extracted snapshot contents, leading to… | ||
| CVE-2026-11512 | Med | 0.28 | 4.3 | 0.00 | Jun 8, 2026 | A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The… | ||
| CVE-2026-10810 | Med | 0.28 | 4.3 | 0.00 | Jun 4, 2026 | A weakness has been identified in itsourcecode Fees Management System up to 1.0. Affected is an unknown function of the file /navbar.php. This manipulation of the argument page causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been… | ||
| CVE-2026-10301 | Med | 0.28 | 4.3 | 0.00 | Jun 2, 2026 | A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross site scripting. The attack may be initiated remotely. The exploit is now… | ||
| CVE-2026-9527 | Med | 0.28 | 4.3 | 0.00 | May 26, 2026 | A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes cross site scripting. Remote exploitation of the attack is possible. The exploit… | ||
| CVE-2026-5319 | Med | 0.28 | 4.3 | 0.00 | Apr 2, 2026 | A security vulnerability has been detected in itsourcecode Payroll Management System up to 1.0. Affected is an unknown function of the file /navbar.php. Such manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was determined in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /borrowed_equip.php of the component Parameter Handler. This manipulation of the argument emp causes sql injection. The attack may be…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler. Such manipulation of the argument Name leads to sql injection. The attack can…
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. Impacted is an unknown function of the file /admin/mod_room/index.php?view=edit. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/mod_amenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument course_code leads to sql injection. It…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This manipulation of the argument subject_code causes sql injection. The attack is…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/search_student.php. The manipulation of the argument Search leads to sql injection. The attack is possible to be carried out remotely. The…
- risk 0.41cvss 6.3epss 0.00
A security vulnerability has been detected in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /admin/admin_edit_supplier.php. The manipulation of the argument Supplier_Name leads to sql injection. The attack can be…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/time-table.php. Such manipulation of the argument course_code leads to sql injection. The attack can be launched remotely. The exploit is…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in itsourcecode sanitize or validate this input 1.0. Affected is an unknown function of the file /admin/teacher-attendance.php. Executing a manipulation of the argument teacher_id can lead to sql injection. The attack may be launched remotely. The…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in itsourcecode College Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/asign-single-student-subjects.php. Executing a manipulation of the argument course_code can lead to sql injection. The attack can…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/course/controller.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/add_activity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/edit_activity_query.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /section_edit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /schedule_edit1.php. Such manipulation of the argument schedule_id leads to sql injection. The attack may be launched remotely.…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=state. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/?page=city. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public…
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in itsourcecode COVID Tracking System 1.0. This impacts an unknown function of the file /admin/?page=people. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used.
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This affects an unknown function of the file /admin/?page=establishment. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit is now public…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was determined in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /enrollment_edit1.php. Executing manipulation of the argument en_id can lead to sql injection. The attack may be performed from remote. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=product. Performing manipulation of the argument PROID results in sql injection. It is possible to initiate the attack remotely. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument level_id leads to sql injection. The attack may be performed from remote. The exploit has…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/gametype.php. Executing manipulation of the argument code can lead to sql injection. The attack can be executed remotely. The exploit has…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /employee/addemployee.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, has been found in itsourcecode Employee Management System up to 1.0. Affected by this issue is some unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql injection.…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical was found in itsourcecode Employee Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/editempeducation.php. The manipulation of the argument coursepg leads to sql injection. The attack…
- risk 0.40cvss 6.1epss 0.00
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in UBIT Information Technologies Student Information Management System. This issue affects Student Information Management System: before 20211126.
- risk 0.40cvss 6.1epss 0.00
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in UBIT Information Technologies Student Information Management System. This issue affects Student Information Management System: before 20211126.
- risk 0.35cvss 6.4epss 0.00
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'register_form' and 'restrict' shortcodes in all versions up to, and including, 3.2.15 due to insufficient input sanitization and output escaping on user…
- risk 0.34cvss 5.2epss 0.00
Beghelli Sicuro24 SicuroWeb contains a template injection vulnerability that allows attackers to inject arbitrary AngularJS expressions by exploiting improper rendering of untrusted input in AngularJS template contexts. Attackers can inject malicious expressions that are…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was determined in itsourcecode Courier Management System 1.0. Affected is an unknown function of the file /edit_user.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was determined in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /admin/mod_amenities/index.php?view=add. This manipulation of the argument image causes unrestricted upload. The attack is possible to be…
- risk 0.31cvss 4.7epss 0.00
A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admin_edit_employee.php. Executing a manipulation of the argument First_Name can lead to sql injection. It is possible to launch the attack…
- risk 0.31cvss 4.7epss 0.00
A security flaw has been discovered in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_edit_menu.php. Performing a manipulation of the argument product_name results in sql injection. It is…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_edit_menu_action.php. Such manipulation of the argument product_name leads to sql injection. The attack may…
- risk 0.31cvss 4.7epss 0.00
A vulnerability has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/courses.php. The manipulation of the argument course_code leads to sql injection. It is possible to initiate the attack remotely. The…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/class-result.php. Performing a manipulation of the argument course_code results in sql injection. The attack can be initiated remotely. The…
- risk 0.31cvss 4.7epss 0.00
A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument roll_no leads to sql injection. It is possible to launch the attack remotely. The exploit…
- risk 0.31cvss 4.7epss 0.00
A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=add. Such manipulation of the argument PROMODEL leads to sql injection. The attack may be performed from…
- risk 0.31cvss 4.7epss 0.00
A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System up to 1.0. This affects an unknown part of the file /admin/changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to…
- risk 0.31cvss 4.7epss 0.00
A vulnerability was found in itsourcecode Employee Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file /admin/editempprofile.php. The manipulation of the argument FirstName leads to sql injection. It is possible to initiate…
- risk 0.29cvss 4.4epss 0.00
Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, permissive directories under the system temp location. On shared hosts, a local user with basic privileges can access another user’s extracted snapshot contents, leading to…
- risk 0.28cvss 4.3epss 0.00
A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The…
- risk 0.28cvss 4.3epss 0.00
A weakness has been identified in itsourcecode Fees Management System up to 1.0. Affected is an unknown function of the file /navbar.php. This manipulation of the argument page causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross site scripting. The attack may be initiated remotely. The exploit is now…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes cross site scripting. Remote exploitation of the attack is possible. The exploit…
- risk 0.28cvss 4.3epss 0.00
A security vulnerability has been detected in itsourcecode Payroll Management System up to 1.0. Affected is an unknown function of the file /navbar.php. Such manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The…
Page 5 of 10