CVE-2024-30998

SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via the email parameter in the index.php component...

CVE-2024-31008

The CVE covers WUZHICMS version 4.1.0, where an issue in the index.php file allows an attacker to execute arbitrary code and access sensitive information. Affected software: WUZHICMS 4.1.0. Reported root cause details are not provided in the sources beyond the index.php vector. Impact: arbitrary ...

CVE-2024-30862

NetentSec NS-ASG 6.3 is vulnerable to SQL Injection via the /3g/index.php endpoint. Affected component: NS-ASG 6.3. Reported impact includes high confidentiality, integrity, and availability according to CVSS metrics. The connected sources confirm the vulnerability detail; no patch/version remedi...

CVE-2024-3000 code-projects Online Book System index.php sql injection

A vulnerability classified as critical was found in code-projects Online Book System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument username/password/loginusername/loginpassword leads to sql injection. The attack can be initiated remotely. Th...

CVE-2024-3000 code-projects Online Book System index.php sql injection

A vulnerability classified as critical was found in code-projects Online Book System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument username/password/loginusername/loginpassword leads to sql injection. The attack can be initiated remotely. Th...

PT-2024-23177 · Unknown · Code-Projects Online Book System

Name of the Vulnerable Software and Affected Versions: code-projects Online Book System version 1.0 Description: A critical vulnerability was found in the code-projects Online Book System. This issue affects the file /index.php and is related to the manipulation of the username, password, login...

CVE-2024-29273

There is Stored Cross-Site Scripting XSS in dzzoffice 2.02.1 SC UTF8 in uploadfile to index.php, with the XSS payload in an SVG document...

CVE-2024-29273

Affected software: dzzoffice 2.02.1 SC UTF8. Vulnerability: Stored XSS via an SVG payload uploaded to uploadfile/index.php, exploiting insufficient input filtering/escaping. Impact: could allow execution of arbitrary script in the victim’s browser (per CVE description; CVSS base 6.1, UI: Required...

CVE-2024-2687 Campcodes Online Job Finder System index.php sql injection

A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/applicants/index.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has bee...

CVE-2024-2685 Campcodes Online Job Finder System index.php cross site scripting

A vulnerability, which was classified as problematic, was found in Campcodes Online Job Finder System 1.0. This affects an unknown part of the file /admin/applicants/index.php. The manipulation of the argument view leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2024-2685 Campcodes Online Job Finder System index.php cross site scripting

A vulnerability, which was classified as problematic, was found in Campcodes Online Job Finder System 1.0. This affects an unknown part of the file /admin/applicants/index.php. The manipulation of the argument view leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2024-2684 Campcodes Online Job Finder System index.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes Online Job Finder System 1.0. Affected by this issue is some unknown functionality of the file /admin/category/index.php. The manipulation of the argument view leads to cross site scripting. The attack may be launch...

CVE-2024-2681 Campcodes Online Job Finder System index.php cross site scripting

A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/employee/index.php. The manipulation of the argument view leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2024-2680 Campcodes Online Job Finder System index.php cross site scripting

A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/user/index.php. The manipulation of the argument view leads to cross site scripting. The attack can be initiated remotely. The explo...

CVE-2024-2679 Campcodes Online Job Finder System index.php cross site scripting

A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/vacancy/index.php. The manipulation of the argument view leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2024-2674 Campcodes Online Job Finder System index.php sql injection

A vulnerability classified as critical was found in Campcodes Online Job Finder System 1.0. This vulnerability affects unknown code of the file /admin/employee/index.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

CVE-2024-2670 Campcodes Online Job Finder System index.php sql injection

A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/vacancy/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has...

Teacher Subject Allocation Management System 1.0 SQL Injection

Exploit Title: Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://phpgurukul.com/teacher-subject-allocation-system-using-php-and-mysql Software Link:...

CVE-2023-49453

Reflected cross-site scripting XSS vulnerability in Racktables v0.22.0 and before, allows local attackers to execute arbitrary code and obtain sensitive information via the search component in index.php...

CVE-2024-28816

Student Information Chatbot a0196ab allows SQL injection via the username to the login function in index.php...