3502 matches found
Sql injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacherlogin.php...
Sql injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/subdelete.php?id=5."...
Sql injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacherlogin.php...
Authentication flaw
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacherlogin.php...
Sql injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."...
Sql injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php"...
Authentication flaw
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php...
CVE-2024-25307
Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "/Cinema-Reservation/booking.php?id=1."...
CVE-2024-25316
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2...
CVE-2024-25310
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."...
CVE-2024-25315
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2...
CVE-2024-25318
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2...
CVE-2024-25310
Code-projects Simple School Managment System 1.0 is affected by a SQL Injection in the endpoint School/delete.php?id=5. The vulnerability stems from unsanitized input in the id parameter, enabling arbitrary SQL execution with potential impact on confidentiality, integrity, and availability (CVSSv...
CVE-2024-25316
CVE-2024-25316 affects Code-projects Hotel Managment System 1.0. The vulnerability is an SQL Injection in the endpoint Hotel/admin/usersettingdel.php?eid=2, via the eid parameter. Affected component: the usersettingdel handling code under Hotel/admin. Impact is described as high/critical in CVSS ...
CVE-2024-25314
Code-projects Hotel Managment System 1.0 is affected by CVE-2024-25314. The vulnerability is a SQL Injection via the sid parameter in Hotel/admin/show.php?sid=2, impacting confidentiality, integrity, and availability (CVSS v3.1: 9.8). The available documents identify the affected component and th...
CVE-2024-25308
CVE-2024-25308 concerns Code-projects Simple School Managment System 1.0, where an SQL injection flaw exists in the teacher_login.php endpoint via the name parameter. The CVSS metrics included with the entry indicate a high impact: base score 8.8 (Confidentiality, Integrity, Availability all High...
CVE-2024-25305
CVE-2024-25305 affects Code-projects Simple School Managment System 1.0. The issue is an authentication bypass via the username and password parameters on the School/index.php endpoint, enabling bypass of login to gain administrative access. The connected documents corroborate the vulnerability a...
CVE-2024-25318
Code-projects Hotel Managment System 1.0 is affected by CVE-2024-25318, where the pid parameter in Hotel/admin/print.php?pid=2 enables SQL injection. Root cause is unsafe handling/validation of the pid value, permitting attacker-crafted queries that could disclose or manipulate data. CVSS 3.1 bas...
CVE-2024-25315
CVE-2024-25315 affects Code-projects Hotel Managment System 1.0. The vulnerability is an SQL injection via the rid parameter in Hotel/admin/roombook.php?rid=2, arising from unsanitized input in that endpoint. CVSS v3.1 metrics show a CRITICAL impact (C:H, I:H, A:H) with NETWORK attack vector and ...
CVE-2024-25313
The CVE-2024-25313 entry concerns Code-projects Simple School Managment System 1.0 with an authentication bypass in School/teacher_login.php via the username and password parameters. Public documents consistently describe bypass of authentication (high impact: confidentiality, integrity, availabi...