Lucene search
+L

185 matches found

OSV
OSV
added 2024/10/22 5:15 p.m.6 views

CVE-2024-48570

Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php...

7.5CVSS5.8AI score0.00502EPSS
Exploits1References1
NVD
NVD
added 2024/10/22 5:15 p.m.25 views

CVE-2024-48570

Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php...

7.5CVSS0.00502EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/22 12:0 a.m.17 views

CVE-2024-48570

Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php...

0.00502EPSS
Exploits1References1
CVE
CVE
added 2024/10/22 12:0 a.m.57 views

CVE-2024-48570

CVE-2024-48570 affects Client Management System 1.0. A SQL injection vulnerability exists in the Between Dates Reports parameter of the /admin/bwdates-reports-ds.php endpoint. The CVSS 3.1 base score is 7.5 (High) with Confidentiality impact High; no integrity/availability impact described. Conne...

7.5CVSS8.3AI score0.00502EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/22 12:0 a.m.7 views

PT-2024-33150 · Unknown · Client Management System

Name of the Vulnerable Software and Affected Versions: Client Management System version 1.0 Description: A SQL injection issue was discovered in the Client Management System via the Between Dates Reports parameter at the "/admin/bwdates-reports-ds.php" API endpoint. Recommendations: For Client...

7.5CVSS7.9AI score0.00502EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.3 views

Client Management System SQL注入漏洞

Client Management System is a system for managing customer relationships by an individual Indian developer Haneen Gufran. A security vulnerability exists in Client Management System version 1.0 that originates from SQL injection in the Between Dates Reports parameter of the...

7.5CVSS7.9AI score0.00502EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/22 12:0 a.m.21 views

CVE-2024-48570

Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php...

8.5AI score0.00502EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2024/08/23 12:0 a.m.252 views

Client Management System 1.0 SQL Injection

============================================================================================================================================= | Title : Client ms Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64...

7.4AI score
Exploits0
NVD
NVD
added 2024/04/17 7:15 p.m.19 views

CVE-2024-30990

SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter...

9.8CVSS8.3AI score0.00628EPSS
Exploits1References1
NVD
NVD
added 2024/04/17 6:15 p.m.18 views

CVE-2024-30986

Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter...

6.5CVSS7.1AI score0.00429EPSS
Exploits1References1
NVD
NVD
added 2024/04/17 6:15 p.m.15 views

CVE-2024-30985

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters...

9.8CVSS8.3AI score0.00695EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.5 views

PT-2024-23706 · Unknown · Phpgurukul Complaint Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows an attacker to execute arbitrary SQL commands via the todate and fromdate parameters in the "B/W Dates Reports" page. This is a SQL Injection vulnerability, which c...

9.8CVSS8.1AI score0.00695EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.8 views

PT-2024-23709 · Unknown · Phpgurukul Complaint Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows attackers to execute arbitrary code and obtain sensitive information via the "Search bar" in the /search-invoices.php endpoint. This is a Cross Site Scripting...

6.8CVSS6.7AI score0.00576EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/04/17 12:0 a.m.14 views

CVE-2024-30986

Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter...

7.6AI score0.00429EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/04/17 12:0 a.m.12 views

CVE-2024-30985

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters...

8.7AI score0.00695EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.2 views

Client Management System 跨站脚本漏洞

PHPGurukul Client Management System is a client management system from the US-based PHPGurukul, Inc. Phpgurukul Client Management System suffers from a cross-site scripting vulnerability that originates from cross-site scripting contained in search-invoices.php, which allows an attacker to execut...

6.8CVSS6.7AI score0.00576EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.3 views

PHPGurukul Client Management System 安全漏洞

PHPGurukul Client Management System is a client management system from the U.S.-based PHPGurukul, Inc. A security vulnerability exists in PHPGurukul Client Management System version 1.1, which originates from the presence of cross-site scripting that allows an attacker to execute arbitrary code a...

6.8CVSS6.7AI score0.00576EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/17 12:0 a.m.13 views

CVE-2024-30990

SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter...

8.7AI score0.00628EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/17 12:0 a.m.34 views

CVE-2024-30986

Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter...

7.3AI score0.00429EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/17 12:0 a.m.24 views

CVE-2024-30988

Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar...

7AI score0.00576EPSS
Exploits1References1
Rows per page
Query Builder