Vendor CVEs
Sourcecodester
All CVEs
1,696 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-2017 | 0.00 | — | 0.01 | Jun 7, 2022 | A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pms/admin/visits/view_visit.php of the component Visit Handler. The manipulation of the argument id with the input… | |||
| CVE-2022-1980 | 0.00 | — | 0.01 | Jun 2, 2022 | A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been rated as problematic. This issue affects the file /admin/?page=system_info/contact_info. The manipulation of the textbox Telephone with the input leads to cross site… | |||
| CVE-2022-1979 | 0.00 | — | 0.01 | Jun 2, 2022 | A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as problematic. This vulnerability affects p=contact. The manipulation of the Message textbox with the input leads to cross site scripting. The attack can be… | |||
| CVE-2022-29659 | 0.00 | — | 0.02 | Jun 1, 2022 | Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php. | |||
| CVE-2022-29627 | 0.00 | — | 0.01 | May 27, 2022 | An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers. | |||
| CVE-2022-29628 | 0.00 | — | 0.00 | May 27, 2022 | A cross-site scripting (XSS) vulnerability in /omps/seller of Online Market Place Site v1.0 allows attackers to execute arbitrary web cripts or HTML via a crafted payload injected into the Page parameter. | |||
| CVE-2022-1840 | 0.00 | — | 0.01 | May 24, 2022 | A vulnerability, which was classified as problematic, has been found in Home Clean Services Management System 1.0. This issue affects register.php?link=registerand. The manipulation with the input leads to cross site scripting. The attack may be… | |||
| CVE-2022-1839 | 0.00 | — | 0.01 | May 24, 2022 | A vulnerability classified as critical was found in Home Clean Services Management System 1.0. This vulnerability affects the file login.php. The manipulation of the argument email with the input admin%'/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(2)))JPeh)/**/AND/**/'frfq… | |||
| CVE-2022-1838 | 0.00 | — | 0.01 | May 24, 2022 | A vulnerability classified as critical has been found in Home Clean Services Management System 1.0. This affects an unknown part of admin/login.php. The manipulation of the argument username with the input admin%'/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(5)))JPeh)/**/AN… | |||
| CVE-2022-30015 | 0.00 | — | 0.01 | May 23, 2022 | In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc .This causes stored xss. | |||
| CVE-2022-30014 | 0.00 | — | 0.01 | May 23, 2022 | Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which allows anyone to takeover admin/moderater account. | |||
| CVE-2022-28531 | 0.00 | — | 0.14 | May 20, 2022 | Sourcecodester Covid-19 Directory on Vaccination System1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field. | |||
| CVE-2022-29738 | 0.00 | — | 0.01 | May 12, 2022 | Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id. | |||
| CVE-2022-29739 | 0.00 | — | 0.01 | May 12, 2022 | Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=. | |||
| CVE-2022-29746 | 0.00 | — | 0.01 | May 12, 2022 | Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete. | |||
| CVE-2022-28530 | 0.00 | — | 0.01 | May 5, 2022 | Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via cmdcategory. | |||
| CVE-2022-28533 | 0.00 | — | 0.01 | May 5, 2022 | Sourcecodester Medical Hub Directory Site 1.0 is vulnerable to SQL Injection via /mhds/clinic/view_details.php. | |||
| CVE-2022-28568 | 0.00 | — | 0.04 | May 4, 2022 | Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored. | |||
| CVE-2022-28512 | 0.00 | — | 0.01 | May 4, 2022 | A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters. | |||
| CVE-2022-28006 | 0.00 | — | 0.01 | Apr 21, 2022 | Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_delete.php. | |||
| CVE-2022-28012 | 0.00 | — | 0.01 | Apr 21, 2022 | Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_delete.php. | |||
| CVE-2022-28014 | 0.00 | — | 0.01 | Apr 21, 2022 | Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_edit.php. | |||
| CVE-2022-28019 | 0.00 | — | 0.01 | Apr 21, 2022 | Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_edit.php. | |||
| CVE-2022-28020 | 0.00 | — | 0.01 | Apr 21, 2022 | Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_edit.php. | |||
| CVE-2022-28028 | 0.00 | — | 0.01 | Apr 21, 2022 | Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_amenity. | |||
| CVE-2022-28030 | 0.00 | — | 0.01 | Apr 21, 2022 | Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_estate. | |||
| CVE-2022-28410 | 0.00 | — | 0.01 | Apr 21, 2022 | Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Users.php?f=delete_agent. | |||
| CVE-2021-43633 | 0.00 | — | 0.01 | Apr 14, 2022 | Sourcecodester Messaging Web Application 1.0 is vulnerable to stored XSS. If a sender inserts valid scripts into the chat, the script will be executed on the receiver chat. | |||
| CVE-2022-28063 | 0.00 | — | 0.01 | Apr 4, 2022 | Simple Bakery Shop Management System v1.0 contains a file disclosure via /bsms/?page=products. | |||
| CVE-2021-43506 | 0.00 | — | 0.02 | Mar 31, 2022 | An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php. | |||
| CVE-2021-43505 | 0.00 | — | 0.01 | Mar 31, 2022 | Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice. | |||
| CVE-2022-1083 | 0.00 | — | 0.01 | Mar 29, 2022 | A vulnerability classified as critical has been found in Microfinance Management System. The manipulation of arguments like customer_type_number/account_number/account_status_number/account_type_number with the input ' and (select * from(select(sleep(10)))Avx) and 'abc' = 'abc… | |||
| CVE-2022-1082 | 0.00 | — | 0.01 | Mar 29, 2022 | A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as critical. This issue affects the file /mims/login.php of the Login Page. The manipulation of the argument username/password with the input '||1=1# leads to sql injection. The… | |||
| CVE-2022-1081 | 0.00 | — | 0.01 | Mar 29, 2022 | A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared as problematic. This vulnerability affects the file /mims/app/addcustomerHandler.php. The manipulation of the argument first_name, middle_name, and surname leads to cross site… | |||
| CVE-2022-25222 | 0.00 | — | 0.02 | Mar 23, 2022 | Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in 'admin/maintenance/manage_branch.php' and 'admin/maintenance/manage_fee.php' via the 'id' parameter. | |||
| CVE-2021-44088 | 0.00 | — | 0.03 | Mar 17, 2022 | An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters. | |||
| CVE-2022-25399 | 0.00 | — | 0.01 | Mar 2, 2022 | Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter. | |||
| CVE-2021-43509 | 0.00 | — | 0.02 | Feb 1, 2022 | SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the id parameter in view-service.php. | |||
| CVE-2021-44114 | 0.00 | — | 0.01 | Jan 31, 2022 | Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function. | |||
| CVE-2021-34073 | 0.00 | — | 0.01 | Jan 28, 2022 | A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Category parameter in an add function in category/index.php. | |||
| CVE-2021-44249 | 0.00 | — | 0.02 | Jan 28, 2022 | Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can lead attackers to remotely dump MySQL database credentials. | |||
| CVE-2020-25905 | 0.00 | — | 0.02 | Jan 28, 2022 | An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in (1) login.php or (2) LoginAsAdmin.php. | |||
| CVE-2021-46428 | 0.00 | — | 0.03 | Jan 27, 2022 | A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php. | |||
| CVE-2021-46427 | 0.00 | — | 0.02 | Jan 27, 2022 | An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php. | |||
| CVE-2022-22850 | 0.00 | — | 0.01 | Jan 26, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types. | |||
| CVE-2022-22851 | 0.00 | — | 0.01 | Jan 26, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php | |||
| CVE-2021-46451 | 0.00 | — | 0.01 | Jan 24, 2022 | An SQL Injection vulnerabilty exists in Sourcecodester Online Project Time Management System 1.0 via the pid parameter in the load_file function. | |||
| CVE-2021-43420 | 0.00 | — | 0.01 | Jan 24, 2022 | SQL injection vulnerability in Login.php in Sourcecodester Online Payment Hub v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter. | |||
| CVE-2021-41929 | 0.00 | — | 0.01 | Jan 24, 2022 | Cross Site Scripting (XSS) in Sourcecodester The Electric Billing Management System 1.0 by oretnom23, allows attackers to execute arbitrary code via the about page. | |||
| CVE-2021-41660 | 0.00 | — | 0.01 | Jan 24, 2022 | SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php. |
- CVE-2022-2017Jun 7, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pms/admin/visits/view_visit.php of the component Visit Handler. The manipulation of the argument id with the input…
- CVE-2022-1980Jun 2, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been rated as problematic. This issue affects the file /admin/?page=system_info/contact_info. The manipulation of the textbox Telephone with the input leads to cross site…
- CVE-2022-1979Jun 2, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as problematic. This vulnerability affects p=contact. The manipulation of the Message textbox with the input leads to cross site scripting. The attack can be…
- CVE-2022-29659Jun 1, 2022risk 0.00cvss —epss 0.02
Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php.
- CVE-2022-29627May 27, 2022risk 0.00cvss —epss 0.01
An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers.
- CVE-2022-29628May 27, 2022risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in /omps/seller of Online Market Place Site v1.0 allows attackers to execute arbitrary web cripts or HTML via a crafted payload injected into the Page parameter.
- CVE-2022-1840May 24, 2022risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, has been found in Home Clean Services Management System 1.0. This issue affects register.php?link=registerand. The manipulation with the input leads to cross site scripting. The attack may be…
- CVE-2022-1839May 24, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in Home Clean Services Management System 1.0. This vulnerability affects the file login.php. The manipulation of the argument email with the input admin%'/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(2)))JPeh)/**/AND/**/'frfq…
- CVE-2022-1838May 24, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in Home Clean Services Management System 1.0. This affects an unknown part of admin/login.php. The manipulation of the argument username with the input admin%'/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(5)))JPeh)/**/AN…
- CVE-2022-30015May 23, 2022risk 0.00cvss —epss 0.01
In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc .This causes stored xss.
- CVE-2022-30014May 23, 2022risk 0.00cvss —epss 0.01
Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which allows anyone to takeover admin/moderater account.
- CVE-2022-28531May 20, 2022risk 0.00cvss —epss 0.14
Sourcecodester Covid-19 Directory on Vaccination System1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field.
- CVE-2022-29738May 12, 2022risk 0.00cvss —epss 0.01
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id.
- CVE-2022-29739May 12, 2022risk 0.00cvss —epss 0.01
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=.
- CVE-2022-29746May 12, 2022risk 0.00cvss —epss 0.01
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete.
- CVE-2022-28530May 5, 2022risk 0.00cvss —epss 0.01
Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via cmdcategory.
- CVE-2022-28533May 5, 2022risk 0.00cvss —epss 0.01
Sourcecodester Medical Hub Directory Site 1.0 is vulnerable to SQL Injection via /mhds/clinic/view_details.php.
- CVE-2022-28568May 4, 2022risk 0.00cvss —epss 0.04
Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored.
- CVE-2022-28512May 4, 2022risk 0.00cvss —epss 0.01
A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters.
- CVE-2022-28006Apr 21, 2022risk 0.00cvss —epss 0.01
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_delete.php.
- CVE-2022-28012Apr 21, 2022risk 0.00cvss —epss 0.01
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_delete.php.
- CVE-2022-28014Apr 21, 2022risk 0.00cvss —epss 0.01
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_edit.php.
- CVE-2022-28019Apr 21, 2022risk 0.00cvss —epss 0.01
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_edit.php.
- CVE-2022-28020Apr 21, 2022risk 0.00cvss —epss 0.01
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_edit.php.
- CVE-2022-28028Apr 21, 2022risk 0.00cvss —epss 0.01
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_amenity.
- CVE-2022-28030Apr 21, 2022risk 0.00cvss —epss 0.01
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_estate.
- CVE-2022-28410Apr 21, 2022risk 0.00cvss —epss 0.01
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Users.php?f=delete_agent.
- CVE-2021-43633Apr 14, 2022risk 0.00cvss —epss 0.01
Sourcecodester Messaging Web Application 1.0 is vulnerable to stored XSS. If a sender inserts valid scripts into the chat, the script will be executed on the receiver chat.
- CVE-2022-28063Apr 4, 2022risk 0.00cvss —epss 0.01
Simple Bakery Shop Management System v1.0 contains a file disclosure via /bsms/?page=products.
- CVE-2021-43506Mar 31, 2022risk 0.00cvss —epss 0.02
An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php.
- CVE-2021-43505Mar 31, 2022risk 0.00cvss —epss 0.01
Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice.
- CVE-2022-1083Mar 29, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in Microfinance Management System. The manipulation of arguments like customer_type_number/account_number/account_status_number/account_type_number with the input ' and (select * from(select(sleep(10)))Avx) and 'abc' = 'abc…
- CVE-2022-1082Mar 29, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as critical. This issue affects the file /mims/login.php of the Login Page. The manipulation of the argument username/password with the input '||1=1# leads to sql injection. The…
- CVE-2022-1081Mar 29, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared as problematic. This vulnerability affects the file /mims/app/addcustomerHandler.php. The manipulation of the argument first_name, middle_name, and surname leads to cross site…
- CVE-2022-25222Mar 23, 2022risk 0.00cvss —epss 0.02
Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in 'admin/maintenance/manage_branch.php' and 'admin/maintenance/manage_fee.php' via the 'id' parameter.
- CVE-2021-44088Mar 17, 2022risk 0.00cvss —epss 0.03
An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters.
- CVE-2022-25399Mar 2, 2022risk 0.00cvss —epss 0.01
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter.
- CVE-2021-43509Feb 1, 2022risk 0.00cvss —epss 0.02
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the id parameter in view-service.php.
- CVE-2021-44114Jan 31, 2022risk 0.00cvss —epss 0.01
Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function.
- CVE-2021-34073Jan 28, 2022risk 0.00cvss —epss 0.01
A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Category parameter in an add function in category/index.php.
- CVE-2021-44249Jan 28, 2022risk 0.00cvss —epss 0.02
Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can lead attackers to remotely dump MySQL database credentials.
- CVE-2020-25905Jan 28, 2022risk 0.00cvss —epss 0.02
An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in (1) login.php or (2) LoginAsAdmin.php.
- CVE-2021-46428Jan 27, 2022risk 0.00cvss —epss 0.03
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php.
- CVE-2021-46427Jan 27, 2022risk 0.00cvss —epss 0.02
An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php.
- CVE-2022-22850Jan 26, 2022risk 0.00cvss —epss 0.01
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types.
- CVE-2022-22851Jan 26, 2022risk 0.00cvss —epss 0.01
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php
- CVE-2021-46451Jan 24, 2022risk 0.00cvss —epss 0.01
An SQL Injection vulnerabilty exists in Sourcecodester Online Project Time Management System 1.0 via the pid parameter in the load_file function.
- CVE-2021-43420Jan 24, 2022risk 0.00cvss —epss 0.01
SQL injection vulnerability in Login.php in Sourcecodester Online Payment Hub v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter.
- CVE-2021-41929Jan 24, 2022risk 0.00cvss —epss 0.01
Cross Site Scripting (XSS) in Sourcecodester The Electric Billing Management System 1.0 by oretnom23, allows attackers to execute arbitrary code via the about page.
- CVE-2021-41660Jan 24, 2022risk 0.00cvss —epss 0.01
SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php.
Page 33 of 34