WordPress Business Card plugin <= 1.0.0 - Admin+ File Upload vulnerability
Admin+ File Upload vulnerability discovered by Anjo Rev Tingson in WordPress Plugin Business Card versions <= 1.0.0...
CVE-2024-5807 Business Card <= 1.0.0 - Admin+ File Upload
The Business Card WordPress plugin through 1.0.0 does not prevent high privilege users like administrators from uploading malicious PHP files, which could allow them to run arbitrary code on servers hosting their site, even in MultiSite configurations...
CVE-2024-7191
A vulnerability, which was classified as critical, has been found in itsourcecode Society Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/getbalance.php. The manipulation of the argument studentid leads to sql injection. The attack may be launched...
PT-2024-35783 · Unknown · Phpgurukul Zoo Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Zoo Management System version 2.1 Description: A critical issue has been found in the PHPGurukul Zoo Management System, affecting the /admin/foreigner-search.php file. The manipulation of the searchdata argument leads to SQL...
PT-2024-32266 · Campcodes · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A problematic issue was found in the file /view/conversation history admin.php, where the manipulation of the conversation id argument leads to cross site scriptin...
PT-2024-25787 · Cmseasy · Cmseasy
Name of the Vulnerable Software and Affected Versions: CmsEasy version 7.7.7.9 Description: A local file inclusion issue was discovered, allowing attackers to read arbitrary files via the file_get_contents function in the fckedit action method of /admin/template admin.php. Recommendations: For...
cmseasy security vulnerability
CmsEasy is a content management system (CMS) for creating responsive websites, from China's CmsEasy Technology. A security vulnerability exists in CmsEasy version v7.7.7.9, which originates from a path traversal vulnerability in the lib/admin/image.admin.php file...
WordPress Everest Backup plugin < 2.2.5 - Admin+ Arbitrary File Upload vulnerability
Admin+ Arbitrary File Upload vulnerability discovered by Emad in WordPress Plugin Everest Backup versions < 2.2.5...
PT-2024-27676 · Emlog Pro · Emlog Pro
Name of the Vulnerable Software and Affected Versions: Emlog Pro version 2.2.10 Description: A vulnerability was found in the file /admin/twitter.php of the component Whisper Page, leading to cross site scripting. The attack can be initiated remotely. The vendor was contacted early about this...
CVE-2024-31506
Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL Injection via the "id" parameter in admin/admincs.php...
PT-2024-25768 · Sourcecodester · Sourcecodester Online Courseware
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Courseware version 1.0 Description: A critical issue was found in the admin/activateall.php file, where the manipulation of the selector argument leads to SQL injection. This issue can be exploited remotely...
PT-2024-25749 · Sourcecodester · Sourcecodester Online Courseware
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Courseware version 1.0 Description: A critical issue has been identified, affecting the file admin/activatestud.php. The manipulation of the selector argument leads to SQL injection. This issue can be exploited remotely...
PT-2024-25368 · Unknown · Sourcecodester Online Library System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Library System version 1.0 Description: A critical issue was found in the SourceCodester Online Library System, affecting an unknown function of the file admin/books/index.php. The manipulation of the id argument leads t...
CVE-2024-3253
A vulnerability classified as critical was found in SourceCodester Internship Portal Management System 1.0. This vulnerability affects unknown code of the file admin/addadmin.php. The manipulation of the argument name/username/password leads to sql injection. The attack can be initiated remotely...
PT-2024-24649 · Sourcecodester · Sourcecodester Internship Portal Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Internship Portal Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Internship Portal Management System. This issue affects the file admin/add admin.php and is related to the...
PT-2024-24701 · Sourcecodester · Sourcecodester Internship Portal Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Internship Portal Management System version 1.0 Description: A critical issue was found in the SourceCodester Internship Portal Management System. The problem affects the file admin/add activity.php, where the manipulation of t...
PT-2024-22033 · Unknown · Campcodes Online Marriage Registration System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Marriage Registration System version 1.0 Description: A problematic issue has been found in the system, affecting an unknown part of the file /admin/application-bwdates-reports-details.php. The manipulation of the fromdate...
PT-2024-22029 · Unknown · Campcodes Online Marriage Registration System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Marriage Registration System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /admin/application-bwdates-reports-details.php. The manipulation of the...
CVE-2024-2714
A vulnerability has been found in Campcodes Complete Online DJ Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/booking-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The...
PT-2024-21513 · Unknown · Campcodes Online Job Finder System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A problem was found in the system, affecting the /admin/user/index.php file. The issue involves the manipulation of the view argument, leading to cross-site scripting. This can be...