CVE-2024-40069

Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting XSS via idgenerator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'...

CVE-2024-40071

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2024-8560

A vulnerability, which was classified as critical, was found in SourceCodester Simple Invoice Generator System 1.0. Affected is an unknown function of the file /saveinvoice.php. The manipulation of the argument...

CVE-2024-8560

The CVE-2024-8560 entry affects SourceCodester Simple Invoice Generator System 1.0. A vulnerability in the /save_invoice.php function allows SQL injection via manipulated parameters (invoice_code, customer, cashier, total_amount, discount_percentage, discount_amount, tendered_amount) and can be e...

CVE-2024-8560 SourceCodester Simple Invoice Generator System save_invoice.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Simple Invoice Generator System 1.0. Affected is an unknown function of the file /saveinvoice.php. The manipulation of the argument...

Simple Invoice Generator System SQL注入漏洞

Simple Invoice Generator System is a simple invoice generator system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Simple Invoice Generator System version 1.0, which originates in the invoicecode/customer/cashier/totalamount/discountpercentage of the /saveinvoice.ph...

PT-2024-39097 · Unknown · Sourcecodester Simple Invoice Generator System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Invoice Generator System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /save invoice.php. The manipulation of the arguments invoice code, customer, cashier,...

CVE-2023-6650

A vulnerability was found in SourceCodester Simple Invoice Generator System 1.0 and classified as problematic. This issue affects some unknown processing of the file login.php. The manipulation of the argument cashier leads to cross site scripting. The attack may be initiated remotely. The exploi...

CVE-2023-6650

A vulnerability was found in SourceCodester Simple Invoice Generator System 1.0 and classified as problematic. This issue affects some unknown processing of the file login.php. The manipulation of the argument cashier leads to cross site scripting. The attack may be initiated remotely. The exploi...

CVE-2023-1666

SourceCodester Automatic Question Paper Generator System 1.0 has a SQL injection vulnerability in the GET Parameter Handler, specifically in users/classes/view_class.php where manipulating the id parameter allows remote exploitation. The issue affects the view_class.php code path and is described...

CVE-2023-1593 SourceCodester Automatic Question Paper Generator System cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester Automatic Question Paper Generator System 1.0. This issue affects some unknown processing of the file classes/Master.php?f=saveclass. The manipulation of the argument description leads to cross site scripting...

CVE-2023-1592 SourceCodester Automatic Question Paper Generator System GET Parameter view_class.php sql injection

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file admin/courses/viewclass.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The...

CVE-2023-1592

CVE-2023-1592 affects SourceCodester Automatic Question Paper Generator System 1.0. The vulnerability is an SQL injection in the file admin/courses/view_class.php of the GET Parameter Handler, caused by unsafely handling the id argument. Exploitation can be remote, with high potential impact to c...

CVE-2023-1591

A vulnerability classified as critical has been found in SourceCodester Automatic Question Paper Generator System 1.0. This affects an unknown part of the file classes/Users.php?f=saveruser. The manipulation of the argument id/email leads to sql injection. It is possible to initiate the attack...

CVE-2023-1591

The CVE-2023-1591 entry concerns a SQL injection in SourceCodester Automatic Question Paper Generator System 1.0. Affected component: the file classes/Users.php?f=save_ruser. The vulnerability is triggered by manipulating the id/email parameters, with remote initial access described as possible i...

Automatic Question Paper Generator System 跨站脚本漏洞

Automatic Question Paper Generator System is an automatic question paper generator system by Carlo Montero Personal Developer. A cross-site scripting vulnerability exists in SourceCodester Automatic Question Paper Generator System version 1.0, which stems from unknown handling of the file...

Sql injection

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file users/questionpapers/managequestionpaper.php of the component GET Parameter Handler. The manipulation of the argument id leads to s...

CVE-2023-1474 SourceCodester Automatic Question Paper Generator System GET Parameter manage_question_paper.php sql injection

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file users/questionpapers/managequestionpaper.php of the component GET Parameter Handler. The manipulation of the argument id leads to s...

CVE-2023-1441

A vulnerability has been found in SourceCodester Automatic Question Paper Generator System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/courses/viewcourse.php of the component GET Parameter Handler. The manipulation of the argument i...

CVE-2023-1441

CVE-2023-1441 affects SourceCodester Automatic Question Paper Generator System 1.0, impacting the GET Parameter Handler in admin/courses/view_course.php. The root cause is a vulnerability in the id parameter that enables SQL injection, allowing remote exploitation without user interaction. Multip...