CVE-2024-0469 code-projects Human Resource Integrated System update_personal_info.php sql injection

A vulnerability was found in code-projects Human Resource Integrated System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updatepersonalinfo.php. The manipulation of the argument sex leads to sql injection. The attack may be launched remotely. Th...

CVE-2024-0468 code-projects Fighting Cock Information System new-father.php unrestricted upload

A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/action/new-father.php. The manipulation of the argument image leads to unrestricted upload. The attack can...

Cross site scripting

A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpositionquery.php. The manipulation of the argument posname leads to cross site scripting. It is possible to launch the attack...

CVE-2024-0467 code-projects Employee Profile Management System edit_position_query.php cross site scripting

A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpositionquery.php. The manipulation of the argument posname leads to cross site scripting. It is possible to launch the attack...

CVE-2024-0465

A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...

Sql injection

A vulnerability classified as critical has been found in code-projects Online Faculty Clearance 1.0. This affects an unknown part of the file deletefaculty.php of the component HTTP GET Request Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the...

Sql injection

A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...

CVE-2024-0466 code-projects Employee Profile Management System file_table.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...

CVE-2024-0466

The CVE-2024-0466 entry covers code-projects Employee Profile Management System 1.0 with a SQL injection in file_table.php via the per_id argument. Root cause: unsafely processed per_id leads to injection risk. Impact: potential unauthorized data access/modify across the application (as described...

CVE-2024-0465 code-projects Employee Profile Management System download.php path traversal

A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...

CVE-2024-0465

CVE-2024-0465 affects code-projects Employee Profile Management System 1.0, with the vulnerable path in the file download.php . The vulnerability stems from manipulating the download_file argument, enabling a path traversal to “../filedir”. Public disclosure of the exploit is noted. Several conne...

CVE-2024-0464

CVE-2024-0464 affects code-projects Online Faculty Clearance 1.0. The vulnerability is in the HTTP GET Request Handler, specifically the delete_faculty.php file, where manipulating the id argument leads to an SQL injection. The issue enables remote exploitation and has been disclosed publicly. Mu...

Sql injection

A vulnerability was found in code-projects Online Faculty Clearance 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /production/designeeviewstatus.php of the component HTTP POST Request Handler. The manipulation of the argument haydi...

Sql injection

A vulnerability was found in code-projects Online Faculty Clearance 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /production/adminviewinfo.php of the component HTTP POST Request Handler. The manipulation of the argument haydi leads to sql...

CVE-2024-0463 code-projects Online Faculty Clearance HTTP POST Request admin_view_info.php sql injection

A vulnerability was found in code-projects Online Faculty Clearance 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /production/adminviewinfo.php of the component HTTP POST Request Handler. The manipulation of the argument haydi leads to sql...

CVE-2024-0463

CVE-2024-0463 affects code-projects Online Faculty Clearance 1.0. The vulnerability is a SQL injection in the HTTP POST Request Handler for the file /production/admin_view_info.php, triggered by manipulating the haydi parameter. Attackers can exploit remotely, and the exploit has been disclosed p...

CVE-2024-0462

CVE-2024-0462 affects code-projects Online Faculty Clearance 1.0. The vulnerability is an SQL injection in the file /production/designee_view_status.php (HTTP POST Handler) via the haydi parameter. The issue arises in an unknown functionality that handles POST data; exploitation can be performed ...

Sql injection

A vulnerability was found in code-projects Online Faculty Clearance 1.0. It has been classified as critical. Affected is an unknown function of the file deactivate.php of the component HTTP POST Request Handler. The manipulation of the argument haydi leads to sql injection. It is possible to laun...

CVE-2024-0461

CVE-2024-0461 affects code-projects Online Faculty Clearance 1.0, specifically the deactivate.php file in the HTTP POST Request Handler. The vulnerability arises from unsafely handling the haydi parameter, enabling SQL injection that can be exploited remotely. Multiple sources corroborate the iss...

CVE-2024-0461 code-projects Online Faculty Clearance HTTP POST Request deactivate.php sql injection

A vulnerability was found in code-projects Online Faculty Clearance 1.0. It has been classified as critical. Affected is an unknown function of the file deactivate.php of the component HTTP POST Request Handler. The manipulation of the argument haydi leads to sql injection. It is possible to laun...