Vendor CVEs
Oretnom23
All CVEs
440 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-31545 | 0.00 | — | 0.01 | Apr 22, 2024 | Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6. | |||
| CVE-2024-31546 | 0.00 | — | 0.01 | Apr 19, 2024 | Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php. | |||
| CVE-2024-3695 | 0.00 | — | 0.01 | Apr 12, 2024 | A vulnerability has been found in SourceCodester Computer Laboratory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. The attack can be… | |||
| CVE-2024-31678 | 0.00 | — | 0.01 | Apr 11, 2024 | Sourcecodester Loan Management System v1.0 is vulnerable to SQL Injection via the "password" parameter in the "login.php" file. | |||
| CVE-2024-3377 | 0.00 | — | 0.01 | Apr 6, 2024 | A vulnerability classified as problematic was found in SourceCodester Computer Laboratory Management System 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument name leads to cross site… | |||
| CVE-2024-3376 | 0.00 | — | 0.01 | Apr 6, 2024 | A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part of the file config.php. The manipulation of the argument url leads to execution after redirect. It is possible to initiate the attack… | |||
| CVE-2024-3316 | 0.00 | — | 0.01 | Apr 4, 2024 | A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/category/view_category.php. The manipulation of the argument id leads to sql… | |||
| CVE-2024-3315 | 0.00 | — | 0.01 | Apr 4, 2024 | A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file classes/user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the… | |||
| CVE-2024-3314 | 0.00 | — | 0.01 | Apr 4, 2024 | A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php. The manipulation leads to sql injection. The attack may be initiated remotely. The… | |||
| CVE-2024-3251 | 0.00 | — | 0.01 | Apr 3, 2024 | A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/?page=borrow/view_borrow. The manipulation of the argument id leads to sql injection. The… | |||
| CVE-2024-3140 | 0.00 | — | 0.01 | Apr 1, 2024 | A vulnerability, which was classified as problematic, was found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part of the file /classes/Users.php?f=save. The manipulation of the argument middlename leads to cross site scripting. It is… | |||
| CVE-2024-3139 | 0.00 | — | 0.00 | Apr 1, 2024 | A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function save_users of the file /classes/Users.php?f=save. The manipulation of the argument id leads to improper… | |||
| CVE-2024-3131 | 0.00 | — | 0.01 | Apr 1, 2024 | A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_category. The manipulation of the argument id leads to sql injection. The… | |||
| CVE-2024-2577 | 0.00 | — | 0.01 | Mar 18, 2024 | A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /update-employee.php. The manipulation of the argument admin_id leads to authorization bypass. The attack can be… | |||
| CVE-2024-2576 | 0.00 | — | 0.01 | Mar 18, 2024 | A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument admin_id leads to authorization bypass. It is possible to initiate the… | |||
| CVE-2024-2575 | 0.00 | — | 0.01 | Mar 18, 2024 | A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument task_id leads to authorization bypass.… | |||
| CVE-2024-2574 | 0.00 | — | 0.01 | Mar 18, 2024 | A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argument task_id leads to authorization bypass. The attack can… | |||
| CVE-2024-2573 | 0.00 | — | 0.01 | Mar 18, 2024 | A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file /task-info.php. The manipulation leads to execution after redirect. It is possible to launch the attack remotely. The exploit… | |||
| CVE-2024-2572 | 0.00 | — | 0.01 | Mar 18, 2024 | A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /task-details.php. The manipulation leads to execution after redirect. The attack may be initiated remotely. The… | |||
| CVE-2024-2571 | 0.00 | — | 0.01 | Mar 18, 2024 | A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage-admin.php. The manipulation leads to execution after redirect. The attack can be initiated remotely. The… | |||
| CVE-2024-2570 | 0.00 | — | 0.01 | Mar 18, 2024 | A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit-task.php. The manipulation leads to execution after redirect. It is possible to initiate the attack remotely. The… | |||
| CVE-2024-2569 | 0.00 | — | 0.01 | Mar 17, 2024 | A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin-manage-user.php. The manipulation leads to execution after redirect. The attack may be launched… | |||
| CVE-2024-2556 | 0.00 | — | 0.01 | Mar 17, 2024 | A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the… | |||
| CVE-2024-2555 | 0.00 | — | 0.01 | Mar 17, 2024 | A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update-admin.php. The manipulation of the argument admin_id leads to sql injection. The attack may be… | |||
| CVE-2024-2554 | 0.00 | — | 0.01 | Mar 17, 2024 | A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file update-employee.php. The manipulation of the argument admin_id leads to sql injection. The… | |||
| CVE-2024-1199 | 0.00 | — | 0.01 | Feb 3, 2024 | A vulnerability has been found in CodeAstro Employee Task Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file \employee-tasks-php\attendance-info.php. The manipulation of the argument aten_id leads to denial… | |||
| CVE-2023-30016 | 0.00 | — | 0.01 | Jan 12, 2024 | SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_details_edit.php. | |||
| CVE-2023-30015 | 0.00 | — | 0.01 | Jan 12, 2024 | SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via txtsearch parameter in review_search.php. | |||
| CVE-2023-30014 | 0.00 | — | 0.01 | Jan 12, 2024 | SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_stat_update.php. | |||
| CVE-2023-6312 | 0.00 | — | 0.01 | Nov 27, 2023 | A vulnerability was found in SourceCodester Loan Management System 1.0. It has been classified as critical. Affected is the function delete_user of the file deleteUser.php of the component Users Page. The manipulation of the argument user_id leads to sql injection. It is… | |||
| CVE-2023-6311 | 0.00 | — | 0.01 | Nov 27, 2023 | A vulnerability was found in SourceCodester Loan Management System 1.0 and classified as critical. This issue affects the function delete_ltype of the file delete_ltype.php of the component Loan Type Page. The manipulation of the argument ltype_id leads to sql injection. The… | |||
| CVE-2023-6310 | 0.00 | — | 0.01 | Nov 27, 2023 | A vulnerability has been found in SourceCodester Loan Management System 1.0 and classified as critical. This vulnerability affects the function delete_borrower of the file deleteBorrower.php. The manipulation of the argument borrower_id leads to sql injection. The attack can be… | |||
| CVE-2023-43458 | 0.00 | — | 0.01 | Sep 25, 2023 | Cross Site Scripting (XSS) vulnerability in Resort Reservation System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the room, name, and description parameters in the manage_room function. | |||
| CVE-2023-5021 | 0.00 | — | 0.00 | Sep 17, 2023 | A vulnerability, which was classified as problematic, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file admin/?page=system_info/contact_information. The manipulation of the argument telephone/mobile/address leads to cross… | |||
| CVE-2023-36317 | 0.00 | — | 0.01 | Aug 23, 2023 | Cross Site Scripting (XSS) vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL. | |||
| CVE-2023-37068 | 0.00 | — | 0.01 | Aug 9, 2023 | Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username… | |||
| CVE-2023-4193 | 0.00 | — | 0.01 | Aug 7, 2023 | A vulnerability has been found in SourceCodester Resort Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_fee.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The… | |||
| CVE-2023-4192 | 0.00 | — | 0.01 | Aug 6, 2023 | A vulnerability, which was classified as critical, was found in SourceCodester Resort Reservation System 1.0. This affects an unknown part of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The… | |||
| CVE-2023-4191 | 0.00 | — | 0.01 | Aug 6, 2023 | A vulnerability, which was classified as critical, has been found in SourceCodester Resort Reservation System 1.0. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be… | |||
| CVE-2023-3988 | 0.00 | — | 0.01 | Jul 28, 2023 | A vulnerability was found in Cafe Billing System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Order Handler. The manipulation of the argument id leads to sql injection. The attack can be… | |||
| CVE-2023-3678 | 0.00 | — | 0.00 | Jul 15, 2023 | A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_inquiry of the component HTTP POST Request Handler. The… | |||
| CVE-2023-3661 | 0.00 | — | 0.00 | Jul 13, 2023 | A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. This affects an unknown part of the file /classes/Master.php?f=save_inquiry. The manipulation of the argument id leads to sql injection. It is possible to initiate… | |||
| CVE-2023-3659 | 0.00 | — | 0.00 | Jul 13, 2023 | A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=user/manage_user. The manipulation of the argument firstname/middlename leads to… | |||
| CVE-2023-3658 | 0.00 | — | 0.00 | Jul 13, 2023 | A vulnerability, which was classified as critical, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file Master.php?f=delete_book of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql… | |||
| CVE-2023-3657 | 0.00 | — | 0.00 | Jul 13, 2023 | A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0. This issue affects some unknown processing of the file Master.php?f=save_book of the component HTTP POST Request Handler. The manipulation of the argument id… | |||
| CVE-2023-3619 | 0.00 | — | 0.00 | Jul 11, 2023 | A vulnerability was found in SourceCodester AC Repair and Services System 1.0 and classified as critical. This issue affects some unknown processing of the file Master.php?f=save_service of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql… | |||
| CVE-2023-3309 | 0.00 | — | 0.01 | Jun 18, 2023 | A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file ?page=rooms of the component Manage Room Page. The manipulation of the argument Cottage Number leads to… | |||
| CVE-2023-3003 | 0.00 | — | 0.01 | May 31, 2023 | A vulnerability classified as critical was found in SourceCodester Train Station Ticketing System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_prices.php of the component GET Parameter Handler. The manipulation of the argument id leads to… | |||
| CVE-2023-29985 | 0.00 | — | 0.01 | May 18, 2023 | Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.php#date_from has a SQL Injection vulnerability. | |||
| CVE-2023-2656 | 0.00 | — | 0.01 | May 11, 2023 | A vulnerability classified as critical has been found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_service. The manipulation of the argument id leads to sql injection. It is possible to launch the… |
- CVE-2024-31545Apr 22, 2024risk 0.00cvss —epss 0.01
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6.
- CVE-2024-31546Apr 19, 2024risk 0.00cvss —epss 0.01
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php.
- CVE-2024-3695Apr 12, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Computer Laboratory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. The attack can be…
- CVE-2024-31678Apr 11, 2024risk 0.00cvss —epss 0.01
Sourcecodester Loan Management System v1.0 is vulnerable to SQL Injection via the "password" parameter in the "login.php" file.
- CVE-2024-3377Apr 6, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in SourceCodester Computer Laboratory Management System 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument name leads to cross site…
- CVE-2024-3376Apr 6, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part of the file config.php. The manipulation of the argument url leads to execution after redirect. It is possible to initiate the attack…
- CVE-2024-3316Apr 4, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/category/view_category.php. The manipulation of the argument id leads to sql…
- CVE-2024-3315Apr 4, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file classes/user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the…
- CVE-2024-3314Apr 4, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php. The manipulation leads to sql injection. The attack may be initiated remotely. The…
- CVE-2024-3251Apr 3, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/?page=borrow/view_borrow. The manipulation of the argument id leads to sql injection. The…
- CVE-2024-3140Apr 1, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, was found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part of the file /classes/Users.php?f=save. The manipulation of the argument middlename leads to cross site scripting. It is…
- CVE-2024-3139Apr 1, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function save_users of the file /classes/Users.php?f=save. The manipulation of the argument id leads to improper…
- CVE-2024-3131Apr 1, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_category. The manipulation of the argument id leads to sql injection. The…
- CVE-2024-2577Mar 18, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /update-employee.php. The manipulation of the argument admin_id leads to authorization bypass. The attack can be…
- CVE-2024-2576Mar 18, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument admin_id leads to authorization bypass. It is possible to initiate the…
- CVE-2024-2575Mar 18, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument task_id leads to authorization bypass.…
- CVE-2024-2574Mar 18, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argument task_id leads to authorization bypass. The attack can…
- CVE-2024-2573Mar 18, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file /task-info.php. The manipulation leads to execution after redirect. It is possible to launch the attack remotely. The exploit…
- CVE-2024-2572Mar 18, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /task-details.php. The manipulation leads to execution after redirect. The attack may be initiated remotely. The…
- CVE-2024-2571Mar 18, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage-admin.php. The manipulation leads to execution after redirect. The attack can be initiated remotely. The…
- CVE-2024-2570Mar 18, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit-task.php. The manipulation leads to execution after redirect. It is possible to initiate the attack remotely. The…
- CVE-2024-2569Mar 17, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin-manage-user.php. The manipulation leads to execution after redirect. The attack may be launched…
- CVE-2024-2556Mar 17, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the…
- CVE-2024-2555Mar 17, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update-admin.php. The manipulation of the argument admin_id leads to sql injection. The attack may be…
- CVE-2024-2554Mar 17, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file update-employee.php. The manipulation of the argument admin_id leads to sql injection. The…
- CVE-2024-1199Feb 3, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in CodeAstro Employee Task Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file \employee-tasks-php\attendance-info.php. The manipulation of the argument aten_id leads to denial…
- CVE-2023-30016Jan 12, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_details_edit.php.
- CVE-2023-30015Jan 12, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via txtsearch parameter in review_search.php.
- CVE-2023-30014Jan 12, 2024risk 0.00cvss —epss 0.01
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_stat_update.php.
- CVE-2023-6312Nov 27, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Loan Management System 1.0. It has been classified as critical. Affected is the function delete_user of the file deleteUser.php of the component Users Page. The manipulation of the argument user_id leads to sql injection. It is…
- CVE-2023-6311Nov 27, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Loan Management System 1.0 and classified as critical. This issue affects the function delete_ltype of the file delete_ltype.php of the component Loan Type Page. The manipulation of the argument ltype_id leads to sql injection. The…
- CVE-2023-6310Nov 27, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Loan Management System 1.0 and classified as critical. This vulnerability affects the function delete_borrower of the file deleteBorrower.php. The manipulation of the argument borrower_id leads to sql injection. The attack can be…
- CVE-2023-43458Sep 25, 2023risk 0.00cvss —epss 0.01
Cross Site Scripting (XSS) vulnerability in Resort Reservation System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the room, name, and description parameters in the manage_room function.
- CVE-2023-5021Sep 17, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file admin/?page=system_info/contact_information. The manipulation of the argument telephone/mobile/address leads to cross…
- CVE-2023-36317Aug 23, 2023risk 0.00cvss —epss 0.01
Cross Site Scripting (XSS) vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL.
- CVE-2023-37068Aug 9, 2023risk 0.00cvss —epss 0.01
Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username…
- CVE-2023-4193Aug 7, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Resort Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_fee.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The…
- CVE-2023-4192Aug 6, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in SourceCodester Resort Reservation System 1.0. This affects an unknown part of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The…
- CVE-2023-4191Aug 6, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, has been found in SourceCodester Resort Reservation System 1.0. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be…
- CVE-2023-3988Jul 28, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in Cafe Billing System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Order Handler. The manipulation of the argument id leads to sql injection. The attack can be…
- CVE-2023-3678Jul 15, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_inquiry of the component HTTP POST Request Handler. The…
- CVE-2023-3661Jul 13, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. This affects an unknown part of the file /classes/Master.php?f=save_inquiry. The manipulation of the argument id leads to sql injection. It is possible to initiate…
- CVE-2023-3659Jul 13, 2023risk 0.00cvss —epss 0.00
A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=user/manage_user. The manipulation of the argument firstname/middlename leads to…
- CVE-2023-3658Jul 13, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file Master.php?f=delete_book of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql…
- CVE-2023-3657Jul 13, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0. This issue affects some unknown processing of the file Master.php?f=save_book of the component HTTP POST Request Handler. The manipulation of the argument id…
- CVE-2023-3619Jul 11, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester AC Repair and Services System 1.0 and classified as critical. This issue affects some unknown processing of the file Master.php?f=save_service of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql…
- CVE-2023-3309Jun 18, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file ?page=rooms of the component Manage Room Page. The manipulation of the argument Cottage Number leads to…
- CVE-2023-3003May 31, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Train Station Ticketing System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_prices.php of the component GET Parameter Handler. The manipulation of the argument id leads to…
- CVE-2023-29985May 18, 2023risk 0.00cvss —epss 0.01
Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.php#date_from has a SQL Injection vulnerability.
- CVE-2023-2656May 11, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_service. The manipulation of the argument id leads to sql injection. It is possible to launch the…
Page 4 of 9