Cross site scripting
A vulnerability has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file register.php. The manipulation of the argument...
CVE-2023-1353 SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System verification.php cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. Affected is an unknown function of the file verification.php. The manipulation of the argument txtvaccinationID leads to cross site scriptin...
SQL injection
A vulnerability, which was classified as critical, has been found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Affected by this issue is some unknown functionality of the file deleteorder.php of the component GET Parameter Handler. The manipulation of the argument id...
CVE-2023-1293
A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. This issue affects the function mysqli_query of the file admin_cs.php. The manipulation leads to SQL injection. The attack may be initiated remotely. The complexity of an attack is rather high...
CVE-2023-1293
SourceCodester Online Graduate Tracer System 1.0 contains a SQL injection vulnerability in the admin_cs.php file, caused by how mysqli_query handles input. The issue can be triggered remotely and is described as high impact with exploitation disclosed publicly. Some sources cite VDB-222647. Avail...
Null pointer dereference
A vulnerability has been found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This vulnerability affects the function 0x222010/0x222018 in the library ftwebcam.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Attacking locally ...
SQL injection
A vulnerability has been found in ???CMS and classified as critical. Affected by this vulnerability is the function goodsdetail of the file ApiController.class.php. The manipulation of the argument goodsid leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed...
CVE-2023-1157
The CVE-2023-1157 issue affects finixbit elf-parser, specifically the function elf_parser::Elf_parser::get_segments in elf_parser.cpp. The manipulation leads to a denial of service and requires local access. Exploitation details have been disclosed publicly, but the initial document provides no v...
SQL injection
A vulnerability has been found in SourceCodester Doctors Appointment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/patient.php of the component Parameter Handler. The manipulation of the argument search leads to SQL injection...
CVE-2023-1044
A vulnerability was found in MuYuCMS 2.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /editor/index.php. The manipulation of the argument filepath leads to relative path traversal. The attack can be launched remotely. The exploit has...
Cross site scripting
A vulnerability has been found in SourceCodester Online Pet Shop We App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /petshop/admin/orders/updatestatus.php. The manipulation of the argument oid with the input 1"alert1111 leads to cross site scripting. The...
CVE-2023-1045
MuYuCMS 2.2 is affected by a path-traversal vulnerability in the admin.php/accessory/filesdel.html handler. The issue stems from manipulating the filedelur argument, enabling relative path traversal and potentially remote exploitation. Public exploitation details are referenced in multiple source...
CVE-2023-1010
A vulnerability classified as critical was found in vox2png 1.0. Affected by this vulnerability is an unknown functionality of the file vox2png.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
CVE-2023-0998
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possib...
CVE-2023-0999
CVE-2023-0999 affects SourceCodester Sales Tracker Management System v1.0, specifically the admin/?page=user/list endpoint. The issue is a Cross-Site Request Forgery (CSRF) vulnerability that can be triggered remotely with an exploit publicly disclosed. Multiple sources corroborate the CSRF behav...
CVE-2023-0987
The CVE-2023-0987 entry concerns SourceCodester Online Pizza Ordering System 1.0 with a cross-site scripting (XSS) vulnerability in index.php?page=checkout. The root cause is improper handling of input leading to XSS; the issue can be triggered remotely and has been publicly disclosed. Multiple c...
CVE-2023-0961
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. This affects an unknown part of the file viewmusicdetails.php of the component GET Request Handler. The manipulation of the argument id leads to SQL injection. It is possible to initiate the...
CVE-2023-0963 SourceCodester Music Gallery Site POST Request Users.php access control
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file Users.php of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The...
CVE-2023-0938 SourceCodester Music Gallery Site GET Request music_list.php SQL injection
A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file music_list.php of the component GET Request Handler. The manipulation of the argument cid leads to SQL injection. It is possible to initiate the attack remotely...