Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if...
9.8CVSS
8AI Score
0.004EPSS
A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses...
9.8CVSS
9.5AI Score
0.04EPSS
Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php,....
9.8CVSS
8.3AI Score
0.268EPSS