3502 matches found
CVE-2024-25316
CVE-2024-25316 affects Code-projects Hotel Managment System 1.0. The vulnerability is an SQL Injection in the endpoint Hotel/admin/usersettingdel.php?eid=2, via the eid parameter. Affected component: the usersettingdel handling code under Hotel/admin. Impact is described as high/critical in CVSS ...
CVE-2024-25313
The CVE-2024-25313 entry concerns Code-projects Simple School Managment System 1.0 with an authentication bypass in School/teacher_login.php via the username and password parameters. Public documents consistently describe bypass of authentication (high impact: confidentiality, integrity, availabi...
CVE-2024-25314
Code-projects Hotel Managment System 1.0 is affected by CVE-2024-25314. The vulnerability is a SQL Injection via the sid parameter in Hotel/admin/show.php?sid=2, impacting confidentiality, integrity, and availability (CVSS v3.1: 9.8). The available documents identify the affected component and th...
CVE-2024-25306
CVE-2024-25306 affects Code-projects Simple School Managment System 1.0. The vulnerability is a SQL injection via the aname parameter in School/index.php , caused by lack of input validation. Impact is described as high on confidentiality, integrity, and availability per CVSS 3.1 (AV:N/AC:L/PR:L/...
CVE-2024-25318
Code-projects Hotel Managment System 1.0 is affected by CVE-2024-25318, where the pid parameter in Hotel/admin/print.php?pid=2 enables SQL injection. Root cause is unsafe handling/validation of the pid value, permitting attacker-crafted queries that could disclose or manipulate data. CVSS 3.1 bas...
CVE-2024-25312
CVE-2024-25312 affects Code-projects Simple School Managment System 1.0. Affected component: the id parameter in the endpoint at School/sub_delete.php?id=5, where lack of input validation enables SQL Injection. This is documented across multiple sources (NVD/Red Hat/CNVD/CVE listing) and describe...
CVE-2024-25304
The CVE-2024-25304 affects Code-projects Simple School Management System 1.0, where an SQL Injection flaw exists in the School/index.php entry point via the 'apass' parameter. The root cause is lack of input validation for this parameter, enabling attackers to manipulate queries and potentially a...
PT-2024-20880 · Code Projects · Code-Projects Simple School Managment System
Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows SQL Injection via the id parameter at the "School/delete.php?id=5" endpoint. This means an attacker could potentially inject malicious SQL code by...
CVE-2024-25313
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacherlogin.php...
CVE-2024-25313
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacherlogin.php...
CVE-2024-25306
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php"...
CVE-2024-25304
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."...
CVE-2024-25310
Code-projects Simple School Managment System 1.0 is affected by a SQL Injection in the endpoint School/delete.php?id=5. The vulnerability stems from unsanitized input in the id parameter, enabling arbitrary SQL execution with potential impact on confidentiality, integrity, and availability (CVSSv...
CVE-2024-25315
CVE-2024-25315 affects Code-projects Hotel Managment System 1.0. The vulnerability is an SQL injection via the rid parameter in Hotel/admin/roombook.php?rid=2, arising from unsanitized input in that endpoint. CVSS v3.1 metrics show a CRITICAL impact (C:H, I:H, A:H) with NETWORK attack vector and ...
CVE-2024-25305
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php...
CVE-2024-25314
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2...
CVE-2024-25310
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."...
CVE-2024-25309
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacherlogin.php...
CVE-2024-25305
CVE-2024-25305 affects Code-projects Simple School Managment System 1.0. The issue is an authentication bypass via the username and password parameters on the School/index.php endpoint, enabling bypass of login to gain administrative access. The connected documents corroborate the vulnerability a...
CVE-2024-0722
A vulnerability was found in code-projects Social Networking Site 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file message.php of the component Message Page. The manipulation of the argument Story leads to cross site scripting. The attack may be...