CVE-2024-8570

A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /inccatadd.php. The manipulation of the argument title leads to sql injection. The attack may be launched remotely. The exploit ha...

CVE-2024-8569 code-projects Hospital Management System user-login.php sql injection

A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file user-login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely...

CVE-2024-8569

CVE-2024-8569 affects code-projects Hospital Management System 1.0, specifically the user-login.php file. The issue arises from unsafely handling the username parameter, enabling SQL injection via a remote attack. Multiple sources describe this as a critical vulnerability with public exploits and...

CVE-2024-8567

A vulnerability, which was classified as critical, has been found in itsourcecode Payroll Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=deletedeductions. The manipulation of the argument id leads to sql injection. The attack may be initiated...

CVE-2024-8567

CVE-2024-8567 affects itsourcecode Payroll Management System 1.0. The vulnerability stems from the file /ajax.php?action=delete_deductions where manipulating the id parameter leads to SQL injection. It is described as high/critical with network attacker potential and remote exploitation. Several ...

CVE-2024-8563 SourceCodester PHP CRUD update.php cross site scripting

A vulnerability was found in SourceCodester PHP CRUD 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/update.php. The manipulation of the argument firstname/middlename/lastname leads to cross site scripting. It is possible to initiate the attack...

CVE-2024-8562

A vulnerability was found in SourceCodester PHP CRUD 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /endpoint/Add.php. The manipulation of the argument firstname/middlename/lastname leads to cross site scripting. The attack may be launched...

CVE-2024-8560

The CVE-2024-8560 entry affects SourceCodester Simple Invoice Generator System 1.0. A vulnerability in the /save_invoice.php function allows SQL injection via manipulated parameters (invoice_code, customer, cashier, total_amount, discount_percentage, discount_amount, tendered_amount) and can be e...

CVE-2024-8555

CVE-2024-8555 affects SourceCodester Clinics Patient Management System 2.0. The vulnerability is an open redirect in the file congratulations.php caused by manipulation of the goto_page parameter. It can be exploited remotely; the exploit has been disclosed publicly. The provided documents do not...

CVE-2024-8407

A vulnerability was found in alwindoss akademy up to 35caccea888ed63d5489e211c99edff1f62efdba. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file cmd/akademy/handler/handlers.go. The manipulation of the argument emailAddress leads to cross...

CVE-2024-8408

The CVE-2024-8408 issue affects Linksys WRT54G (version 4.21.5). The vulnerability lies in the POST Parameter Handler’s function validate_services_port in /apply.cgi, where improper handling of the argument services_array causes a stack-based buffer overflow. This vulnerability can be exploited r...

CVE-2024-8343

A vulnerability, which was classified as critical, was found in SourceCodester Sentiment Based Movie Rating System 1.0. Affected is an unknown function of the file /classes/Users.php?f=saveclient of the component User Registration Handler. The manipulation of the argument email leads to sql...

CVE-2024-8340

A vulnerability classified as critical has been found in SourceCodester Electric Billing Management System 1.0. This affects an unknown part of the file /Actions.php?a=login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-8335

A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2024-8228 Tenda O5 setMacFilterList fromSafeSetMacFilter stack-based overflow

A vulnerability was found in Tenda O5 1.0.0.85017. It has been classified as critical. This affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. It is possible to initiate the attack...

CVE-2024-8226

CVE-2024-8226 affects Tenda O1 firmware v1.0.0.7(10648). The vulnerable component is the function formSetCfm in /goform/setcfm, where manipulation of the funcpara1 argument causes a stack-based buffer overflow. This can be exploited remotely, with public exploit details cited in multiple sources....

CVE-2024-8221

A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/categories/managecategory.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...

CVE-2024-8218

CVE-2024-8218 affects code-projects Online Quiz Site 1.0. Multiple connected sources confirm a SQL injection vulnerability in the file index.php caused by manipulating the loginid argument, with remote exploitation and public disclosure. The issue is documented across NVD/Red Hat/CVE lists and th...

CVE-2024-8218 code-projects Online Quiz Site index.php sql injection

A vulnerability was found in code-projects Online Quiz Site 1.0 and classified as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument loginid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to th...

CVE-2024-8208

A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editClient.php. The manipulation of the argument AGENT ID leads to cross site scripting. The attack can ...