158 matches found
CVE-2024-33302
SourceCodester Product Show Room 1.0 and before is vulnerable to Cross Site Scripting XSS via "Middle Name" under Add Users...
PT-2024-25193 · Sourcecodester · Sourcecodester Product Show Room
Name of the Vulnerable Software and Affected Versions: SourceCodester Product Show Room version 1.0 Description: The issue concerns Cross Site Scripting XSS via the First Name field under Add Users. This allows for potential malicious script injection. Recommendations: For SourceCodester Product...
PT-2024-25192 · Sourcecodester · Product Show Room
Name of the Vulnerable Software and Affected Versions: SourceCodester Product Show Room versions 1.0 and before Description: The issue is related to Cross Site Scripting XSS via the Middle Name field under Add Users. This allows for potential malicious script injection. Recommendations: For...
CVE-2024-33303
SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting XSS via "First Name" under Add Users...
CVE-2024-33303
CVE-2024-33303 affects SourceCodester Product Show Room 1.0 with a Cross Site Scripting (XSS) vulnerability exploitable via the First Name field under Add Users. The NVD entry lists CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N with base score 8.2 (HIGH); impact is confidentiality high, integrit...
CVE-2024-33302
CVE-2024-33302 affects SourceCodester Product Show Room 1.0 and earlier. The vulnerability is a cross-site scripting (XSS) flaw in the Middle Name field under Add Users, enabling script injection. Per the CVSS data, the attack vector is local with low privileges, no user interaction required, and...
CVE-2024-33304
SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting XSS via "Last Name" under Add Users...
CVE-2024-33304
CVE-2024-33304 affects SourceCodester Product Show Room 1.0. A Cross Site Scripting (XSS) vulnerability exists via the "Last Name" field under Add Users, enabling script injection. The vulnerability is documented across multiple sources (NVD/Red Hat/CNVD/CVE list/PT-Security/Vulnrichment). The pr...
CVE-2023-45325
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'address' parameter of the routers/add-users.php resource does not validate the characters received and they are sent unfiltered to the database...
SQL injection
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'address' parameter of the routers/add-users.php resource does not validate the characters received and they are sent unfiltered to the database...
Online Food Ordering System SQL Injection Vulnerability
Online Food Ordering System is an online food ordering system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in Online Food Ordering System v1.0, which is caused by insufficient filtering of the address parameter on the routers/add-users.php page...
PT-2023-29502 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. The name parameter of the "routers/add-users.php" resource does not validate the input, making it vulnerable to SQ...
PT-2023-29504 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the role parameter of the "routers/add-users.php" resource does not validate the characters received...
PT-2023-29503 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the password parameter of the "routers/add-users.php" resource does not validate the characters...
PT-2023-29505 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. The username parameter of the "routers/add-users.php" resource does not validate, allowing for potential SQL...
PT-2023-29508 · Unknown · Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the verified parameter of the "routers/add-users.php" resource does not validate the characters...