TCSWT
Products
4- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-36034 | Cri | 0.64 | 9.8 | 0.01 | Aug 11, 2023 | SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php. | ||
| CVE-2020-36033 | Cri | 0.64 | 9.8 | 0.01 | Jul 22, 2021 | SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the id parameter to edituser.php. | ||
| CVE-2021-25779 | Cri | 0.64 | 9.8 | 0.01 | Feb 17, 2021 | Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page. | ||
| CVE-2021-25201 | Hig | 0.49 | 7.5 | 0.02 | Jul 23, 2021 | SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information. | ||
| CVE-2021-25780 | Hig | 0.47 | 7.2 | 0.02 | Feb 17, 2021 | An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell. |
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php.
- risk 0.64cvss 9.8epss 0.01
SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the id parameter to edituser.php.
- risk 0.64cvss 9.8epss 0.01
Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.
- risk 0.49cvss 7.5epss 0.02
SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information.
- risk 0.47cvss 7.2epss 0.02
An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell.