Vendor CVEs
Oretnom23
All CVEs
440 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-0847 | 0.00 | — | 0.01 | Jan 30, 2025 | A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can… | |||
| CVE-2025-0846 | 0.00 | — | 0.01 | Jan 30, 2025 | A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the… | |||
| CVE-2025-0342 | 0.00 | — | 0.00 | Jan 9, 2025 | A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of the argument s_lname leads to cross site scripting. It is possible to initiate… | |||
| CVE-2025-0341 | 0.00 | — | 0.00 | Jan 9, 2025 | A vulnerability, which was classified as critical, has been found in CampCodes Computer Laboratory Management System 1.0. Affected by this issue is some unknown functionality of the file /class/edit/edit. The manipulation of the argument e_photo leads to unrestricted upload. The… | |||
| CVE-2024-54818 | 0.00 | — | 0.01 | Jan 8, 2025 | SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list. | |||
| CVE-2025-0212 | 0.00 | — | 0.01 | Jan 4, 2025 | A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /view_students.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The… | |||
| CVE-2024-9090 | 0.00 | — | 0.01 | Sep 22, 2024 | A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file search_member.php. The manipulation of the argument searchMember leads to sql injection. It is possible to launch the… | |||
| CVE-2024-9089 | 0.00 | — | 0.00 | Sep 22, 2024 | A vulnerability was found in SourceCodester Modern Loan Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file update_loan_record.php. The manipulation of the argument amount leads to cross site scripting. The attack may be… | |||
| CVE-2024-9032 | 0.00 | — | 0.01 | Sep 20, 2024 | A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to path traversal. It is possible to launch the attack remotely.… | |||
| CVE-2024-8951 | 0.00 | — | 0.00 | Sep 17, 2024 | A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_fee.php. The manipulation of the argument toview leads to cross site scripting. The attack can be… | |||
| CVE-2024-8711 | 0.00 | — | 0.01 | Sep 12, 2024 | A vulnerability, which was classified as problematic, has been found in SourceCodester Food Ordering Management System 1.0. Affected by this issue is some unknown functionality of the file /includes/. The manipulation leads to exposure of information through directory listing.… | |||
| CVE-2024-8604 | 0.00 | — | 0.01 | Sep 9, 2024 | A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 2.0. This affects an unknown part of the file index.php of the component Create an Account Page. The manipulation of the argument First Name/Last Name leads to cross site… | |||
| CVE-2024-8582 | 0.00 | — | 0.00 | Sep 8, 2024 | A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument description leads to cross site scripting. The attack may… | |||
| CVE-2024-8558 | 0.00 | — | 0.01 | Sep 7, 2024 | A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the component Price Handler. The manipulation of the argument total leads to improper… | |||
| CVE-2024-8557 | 0.00 | — | 0.01 | Sep 7, 2024 | A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System 1.0. This affects an unknown part of the file /foms/routers/cancel-order.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2024-8416 | 0.00 | — | 0.01 | Sep 4, 2024 | A vulnerability was found in SourceCodester Food Ordering Management System 1.0. It has been classified as critical. This affects an unknown part of the file /routers/ticket-status.php. The manipulation of the argument ticket_id leads to sql injection. It is possible to initiate… | |||
| CVE-2024-8415 | 0.00 | — | 0.01 | Sep 4, 2024 | A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /routers/add-ticket.php. The manipulation of the argument id leads to sql injection. The attack may be… | |||
| CVE-2024-8348 | 0.00 | — | 0.01 | Aug 30, 2024 | A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to… | |||
| CVE-2024-8347 | 0.00 | — | 0.01 | Aug 30, 2024 | A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.php?f=delete_record. The manipulation of the argument id leads to sql injection.… | |||
| CVE-2024-8346 | 0.00 | — | 0.01 | Aug 30, 2024 | A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument name leads to sql… | |||
| CVE-2024-7946 | 0.00 | — | 0.01 | Aug 20, 2024 | A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file register.php of the component User Signup. The manipulation of the argument user leads to sql… | |||
| CVE-2024-41332 | 0.00 | — | 0.01 | Aug 9, 2024 | Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories. | |||
| CVE-2024-34479 | 0.00 | — | 0.01 | Aug 7, 2024 | SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection. | |||
| CVE-2024-34480 | 0.00 | — | 0.01 | Aug 7, 2024 | SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection. | |||
| CVE-2024-7321 | 0.00 | — | 0.01 | Jul 31, 2024 | A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management System 1.0. This vulnerability affects unknown code of the file signup.php of the component User Registration Handler. The manipulation of the argument user leads to cross site… | |||
| CVE-2024-7320 | 0.00 | — | 0.01 | Jul 31, 2024 | A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. This affects an unknown part of the file /admin/index.php of the component Admin Login. The manipulation of the argument user leads to sql injection. It is possible to… | |||
| CVE-2024-7303 | 0.00 | — | 0.00 | Jul 31, 2024 | A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /request.php of the component Send Blood Request Page. The manipulation of the argument Address/bloodgroup… | |||
| CVE-2024-6966 | 0.00 | — | 0.01 | Jul 22, 2024 | A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php of the component Login. The manipulation of the argument user/pass leads to sql injection. The… | |||
| CVE-2024-6802 | 0.00 | — | 0.10 | Jul 17, 2024 | A vulnerability, which was classified as critical, was found in SourceCodester Computer Laboratory Management System 1.0. Affected is an unknown function of the file /lms/classes/Master.php?f=save_record. The manipulation of the argument id leads to sql injection. It is possible… | |||
| CVE-2024-6732 | 0.00 | — | 0.01 | Jul 14, 2024 | A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. This vulnerability affects unknown code of the file /sscdms/classes/Users.php?f=save. The manipulation of the argument id leads to sql injection. The attack can be… | |||
| CVE-2024-6731 | 0.00 | — | 0.01 | Jul 14, 2024 | A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. This affects an unknown part of the file /Master.php?f=save_student. The manipulation of the argument id leads to sql injection. It is possible to initiate… | |||
| CVE-2024-6217 | 0.00 | — | 0.01 | Jun 21, 2024 | A vulnerability classified as critical was found in SourceCodester Food Ordering Management System 1.0. Affected by this vulnerability is an unknown functionality of the file user-router.php. The manipulation of the argument 1_verified leads to sql injection. The attack can be… | |||
| CVE-2024-6216 | 0.00 | — | 0.01 | Jun 21, 2024 | A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file add-users.php. The manipulation of the argument contact leads to sql injection. It is possible to launch the attack remotely.… | |||
| CVE-2024-6215 | 0.00 | — | 0.01 | Jun 21, 2024 | A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the file view-ticket-admin.php. The manipulation of the argument id leads to sql injection. The attack may be… | |||
| CVE-2024-6214 | 0.00 | — | 0.01 | Jun 21, 2024 | A vulnerability was found in SourceCodester Food Ordering Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file add-item.php. The manipulation of the argument price leads to sql injection. The attack can be initiated… | |||
| CVE-2024-6213 | 0.00 | — | 0.01 | Jun 21, 2024 | A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file login.php of the component Login Panel. The manipulation of the argument username leads to sql injection. It is… | |||
| CVE-2024-31586 | 0.00 | — | 0.00 | Jun 20, 2024 | A Cross Site Scripting (XSS) vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters. | |||
| CVE-2024-5517 | 0.00 | — | 0.01 | May 30, 2024 | A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file changepwd.php. The manipulation of the argument useremail leads to sql injection. The attack may be… | |||
| CVE-2024-5516 | 0.00 | — | 0.01 | May 30, 2024 | A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file massage.php. The manipulation of the argument bid leads to sql injection. The attack can be… | |||
| CVE-2024-35583 | 0.00 | — | 0.00 | May 28, 2024 | A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field. | |||
| CVE-2024-35581 | 0.00 | — | 0.00 | May 28, 2024 | A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field. | |||
| CVE-2024-35582 | 0.00 | — | 0.00 | May 28, 2024 | A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field. | |||
| CVE-2024-34231 | 0.00 | — | 0.00 | May 13, 2024 | A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name parameter. | |||
| CVE-2024-34230 | 0.00 | — | 0.00 | May 13, 2024 | A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Information parameter. | |||
| CVE-2024-34225 | 0.00 | — | 0.01 | May 13, 2024 | Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the name, shortname parameters. | |||
| CVE-2024-34224 | 0.00 | — | 0.01 | May 13, 2024 | Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters. | |||
| CVE-2024-33305 | 0.00 | — | 0.00 | May 2, 2024 | SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Middle Name" parameter in Create User. | |||
| CVE-2024-33306 | 0.00 | — | 0.01 | May 1, 2024 | SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User. | |||
| CVE-2024-33307 | 0.00 | — | 0.00 | May 1, 2024 | SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User. | |||
| CVE-2024-33247 | 0.00 | — | 0.01 | Apr 25, 2024 | Sourcecodester Employee Task Management System v1.0 is vulnerable to SQL Injection via admin-manage-user.php. |
- CVE-2025-0847Jan 30, 2025risk 0.00cvss —epss 0.01
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can…
- CVE-2025-0846Jan 30, 2025risk 0.00cvss —epss 0.01
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the…
- CVE-2025-0342Jan 9, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of the argument s_lname leads to cross site scripting. It is possible to initiate…
- CVE-2025-0341Jan 9, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in CampCodes Computer Laboratory Management System 1.0. Affected by this issue is some unknown functionality of the file /class/edit/edit. The manipulation of the argument e_photo leads to unrestricted upload. The…
- CVE-2024-54818Jan 8, 2025risk 0.00cvss —epss 0.01
SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list.
- CVE-2025-0212Jan 4, 2025risk 0.00cvss —epss 0.01
A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /view_students.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The…
- CVE-2024-9090Sep 22, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file search_member.php. The manipulation of the argument searchMember leads to sql injection. It is possible to launch the…
- CVE-2024-9089Sep 22, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Modern Loan Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file update_loan_record.php. The manipulation of the argument amount leads to cross site scripting. The attack may be…
- CVE-2024-9032Sep 20, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to path traversal. It is possible to launch the attack remotely.…
- CVE-2024-8951Sep 17, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_fee.php. The manipulation of the argument toview leads to cross site scripting. The attack can be…
- CVE-2024-8711Sep 12, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, has been found in SourceCodester Food Ordering Management System 1.0. Affected by this issue is some unknown functionality of the file /includes/. The manipulation leads to exposure of information through directory listing.…
- CVE-2024-8604Sep 9, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 2.0. This affects an unknown part of the file index.php of the component Create an Account Page. The manipulation of the argument First Name/Last Name leads to cross site…
- CVE-2024-8582Sep 8, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument description leads to cross site scripting. The attack may…
- CVE-2024-8558Sep 7, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the component Price Handler. The manipulation of the argument total leads to improper…
- CVE-2024-8557Sep 7, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System 1.0. This affects an unknown part of the file /foms/routers/cancel-order.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack…
- CVE-2024-8416Sep 4, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Food Ordering Management System 1.0. It has been classified as critical. This affects an unknown part of the file /routers/ticket-status.php. The manipulation of the argument ticket_id leads to sql injection. It is possible to initiate…
- CVE-2024-8415Sep 4, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /routers/add-ticket.php. The manipulation of the argument id leads to sql injection. The attack may be…
- CVE-2024-8348Aug 30, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to…
- CVE-2024-8347Aug 30, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.php?f=delete_record. The manipulation of the argument id leads to sql injection.…
- CVE-2024-8346Aug 30, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument name leads to sql…
- CVE-2024-7946Aug 20, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file register.php of the component User Signup. The manipulation of the argument user leads to sql…
- CVE-2024-41332Aug 9, 2024risk 0.00cvss —epss 0.01
Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories.
- CVE-2024-34479Aug 7, 2024risk 0.00cvss —epss 0.01
SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection.
- CVE-2024-34480Aug 7, 2024risk 0.00cvss —epss 0.01
SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection.
- CVE-2024-7321Jul 31, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management System 1.0. This vulnerability affects unknown code of the file signup.php of the component User Registration Handler. The manipulation of the argument user leads to cross site…
- CVE-2024-7320Jul 31, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. This affects an unknown part of the file /admin/index.php of the component Admin Login. The manipulation of the argument user leads to sql injection. It is possible to…
- CVE-2024-7303Jul 31, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /request.php of the component Send Blood Request Page. The manipulation of the argument Address/bloodgroup…
- CVE-2024-6966Jul 22, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php of the component Login. The manipulation of the argument user/pass leads to sql injection. The…
- CVE-2024-6802Jul 17, 2024risk 0.00cvss —epss 0.10
A vulnerability, which was classified as critical, was found in SourceCodester Computer Laboratory Management System 1.0. Affected is an unknown function of the file /lms/classes/Master.php?f=save_record. The manipulation of the argument id leads to sql injection. It is possible…
- CVE-2024-6732Jul 14, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. This vulnerability affects unknown code of the file /sscdms/classes/Users.php?f=save. The manipulation of the argument id leads to sql injection. The attack can be…
- CVE-2024-6731Jul 14, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. This affects an unknown part of the file /Master.php?f=save_student. The manipulation of the argument id leads to sql injection. It is possible to initiate…
- CVE-2024-6217Jun 21, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Food Ordering Management System 1.0. Affected by this vulnerability is an unknown functionality of the file user-router.php. The manipulation of the argument 1_verified leads to sql injection. The attack can be…
- CVE-2024-6216Jun 21, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file add-users.php. The manipulation of the argument contact leads to sql injection. It is possible to launch the attack remotely.…
- CVE-2024-6215Jun 21, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the file view-ticket-admin.php. The manipulation of the argument id leads to sql injection. The attack may be…
- CVE-2024-6214Jun 21, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Food Ordering Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file add-item.php. The manipulation of the argument price leads to sql injection. The attack can be initiated…
- CVE-2024-6213Jun 21, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file login.php of the component Login Panel. The manipulation of the argument username leads to sql injection. It is…
- CVE-2024-31586Jun 20, 2024risk 0.00cvss —epss 0.00
A Cross Site Scripting (XSS) vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters.
- CVE-2024-5517May 30, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file changepwd.php. The manipulation of the argument useremail leads to sql injection. The attack may be…
- CVE-2024-5516May 30, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file massage.php. The manipulation of the argument bid leads to sql injection. The attack can be…
- CVE-2024-35583May 28, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field.
- CVE-2024-35581May 28, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field.
- CVE-2024-35582May 28, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field.
- CVE-2024-34231May 13, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name parameter.
- CVE-2024-34230May 13, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Information parameter.
- CVE-2024-34225May 13, 2024risk 0.00cvss —epss 0.01
Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the name, shortname parameters.
- CVE-2024-34224May 13, 2024risk 0.00cvss —epss 0.01
Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters.
- CVE-2024-33305May 2, 2024risk 0.00cvss —epss 0.00
SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Middle Name" parameter in Create User.
- CVE-2024-33306May 1, 2024risk 0.00cvss —epss 0.01
SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User.
- CVE-2024-33307May 1, 2024risk 0.00cvss —epss 0.00
SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User.
- CVE-2024-33247Apr 25, 2024risk 0.00cvss —epss 0.01
Sourcecodester Employee Task Management System v1.0 is vulnerable to SQL Injection via admin-manage-user.php.
Page 3 of 9