CVE-2024-7845

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /tracking/admin/fetchit.php. The manipulation of the argument request leads to sql injection. The attack may be launched...

CVE-2024-7841 SourceCodester Clinics Patient Management System check_user_name.php sql injection

A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System 1.0. This vulnerability affects unknown code of the file /pms/ajax/checkusername.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-7839

CVE-2024-7839 affects itsourcecode Billing System 1.0, with a vulnerability in the file addbill.php where the argument owners_id can be manipulated to cause SQL injection. The issue is exploitable remotely and exploits have been disclosed publicly. Connected documents consistently describe this a...

CVE-2024-7838

A vulnerability was found in itsourcecode Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /addcategory.php. The manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The...

CVE-2024-7754

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ajax/checkmedicinename.php. The manipulation of the argument username leads to sql injection. The attack may be initiated...

CVE-2024-7753

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /userimages/. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed ...

CVE-2024-7753 SourceCodester Clinics Patient Management System user_images direct request

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /userimages/. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed ...

CVE-2024-7743

A vulnerability was found in wanglongcn ltcms 1.0.20. It has been declared as critical. Affected by this vulnerability is the function downloadUrl of the file /api/file/downloadUrl of the component API Endpoint. The manipulation of the argument file leads to server-side request forgery. The attac...

CVE-2024-7738 yzane vscode-markdown-pdf Markdown File pathname traversal

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

CVE-2024-7706 Fujian mwcms uploadfile.html uploadimage unrestricted upload

A vulnerability was found in Fujian mwcms 1.0.0. It has been rated as critical. Affected by this issue is the function uploadimage of the file /uploadfile.html. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclose...

CVE-2024-7704 Weaver e-cology Source Code ecology_dev.zip information disclosure

A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecologydev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack...

CVE-2024-7704

Weaver e-cology 8 is affected in the Source Code Handler component, via an issue in the file /cloudstore/ecode/setup/ecology_dev.zip. The vulnerability enables information disclosure and can be exploited remotely; exploitation has been disclosed publicly. The available connected docs do not speci...

CVE-2024-7681

A vulnerability was found in code-projects College Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument email/password leads to sql injection. The attack can be initiate...

CVE-2024-7667

A vulnerability, which was classified as critical, was found in SourceCodester Car Driving School Management System 1.0. This affects the function deleteusers of the file User.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-7645

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file users.php of the component User Page. The manipulation leads to cross-site request forgery. The attack can be initiated...

CVE-2024-7643

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

CVE-2024-7681 code-projects College Management System Login Page login.php sql injection

A vulnerability was found in code-projects College Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument email/password leads to sql injection. The attack can be initiate...

CVE-2024-7678 SourceCodester Car Driving School Management System Master.php cross site scripting

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=savepackage. The manipulation of the argument name/description/trainingduration leads to...

CVE-2024-7667 SourceCodester Car Driving School Management System User.php delete_users sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Car Driving School Management System 1.0. This affects the function deleteusers of the file User.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-7663

CVE-2024-7663 affects SourceCodester Car Driving School Management System 1.0, specifically the manage_user.php file. The issue is an SQL injection caused by unsafely manipulating the id parameter, exploitable via network remotely. The vulnerability has public disclosure, and multiple sources cor...