129 matches found
CVE-2024-42773
An Incorrect Access Control vulnerability was found in /admin/editroomcontroller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room entries in the administrator section...
CVE-2024-42767
Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin/addroomcontroller.php...
CVE-2024-42767
Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin/addroomcontroller.php...
CVE-2024-3365
A vulnerability was found in SourceCodester Online Library System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin/users/controller.php. The manipulation of the argument username leads to cross site scripting. The attack may be initiated remotely...
CVE-2024-2676
A vulnerability, which was classified as critical, was found in Campcodes Online Job Finder System 1.0. Affected is an unknown function of the file /admin/company/controller.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2024-2672
A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/user/controller.php. The manipulation of the argument UESRID leads to sql injection. The attack may be launched remotely. The...
Campcodes Online Job Finder System SQL Injection Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a SQL injection vulnerability in the UESRID parameter of the /admin/user/controller.php file...
Campcodes Online Job Finder System SQL Injection Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from an SQL injection vulnerability in the id parameter of the /admin/company/controller.php file...
Campcodes Online Job Finder System SQL Injection Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a SQL injection vulnerability in the CATEGORYID parameter of the /admin/category/controller.p...
PT-2024-21511 · Unknown · Campcodes Online Job Finder System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A critical issue was found in the system, affecting some unknown functionality of the file /admin/applicants/controller.php. The manipulation of the JOBREGID argument leads to SQL...
Campcodes Online Job Finder System SQL Injection Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a SQL injection vulnerability in the EMPLOYEEID parameter of the /admin/employee/controller.p...
Campcodes Online Job Finder System Security Vulnerability
Campcodes Online Job Finder System is an online job finder system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which originates from a cross-site scripting vulnerability in the EMPLOYEEID parameter of the...
PT-2024-21466 · Unknown · Campcodes Online Job Finder System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A critical issue affects the processing of the file /admin/employee/controller.php of the component GET Parameter Handler. The manipulation of the EMPLOYEEID argument leads to SQL...
PT-2024-21508 · Unknown · Campcodes Online Job Finder System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A critical vulnerability has been found in the system, affecting an unknown functionality of the file /admin/category/controller.php. The manipulation of the CATEGORYID argument lead...
PT-2024-21503 · Unknown · Campcodes Online Job Finder System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Job Finder System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /admin/company/controller.php. The manipulation of the id argument leads to SQL injection. It is...
Gacjie Server Code Issue Vulnerability
Gacjie Server is a platform for monitoring cloud services. A code issue vulnerability exists in Gacjie Server version 1.0 and earlier, which stems from the parameter file in file /app/admin/controller/Upload.php that can lead to unrestricted uploads...
PT-2024-17667 · Juanpao · Juanpao Jpshop
Name of the Vulnerable Software and Affected Versions: Juanpao JPShop versions up to 1.5.02 Description: A critical issue affects some unknown functionality of the file /api/controllers/admin/app/AppController.php of the component API. The manipulation of the app pic url argument leads to...
PT-2023-29775 · Unknown · Thirty Bees Core
Name of the Vulnerable Software and Affected Versions: Thirty Bees Core version 1.4.0 Description: The issue is a reflected cross-site scripting XSS vulnerability. It allows attackers to execute arbitrary JavaScript in a user's web browser via a crafted payload. The vulnerability is exploited...
PT-2023-22794 · Yfcmf · Yfcmf
Name of the Vulnerable Software and Affected Versions: YFCMF versions up to 3.0.4 Description: A problematic issue affects the processing of the file app/admin/controller/Ajax.php. The manipulation of the controllername argument leads to path traversal, allowing an attacker to access files using...
CLTPHP 代码问题漏洞
CLTPHP is an open source PHP content management system for efficient website building. A security vulnerability exists in CLTPHP 6.0 and earlier versions, which originates from an attacker being able to upload dangerous types of files without restriction via...