CVE-2022-2766

A vulnerability was found in SourceCodester Loan Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. The exploit has be...

Sql injection

A vulnerability was found in SourceCodester Loan Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. The exploit has be...

CVE-2022-2767 SourceCodester Online Admission System index.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Online Admission System. This affects an unknown part of the file /index.php. The manipulation of the argument studentadd leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2022-2766 SourceCodester Loan Management System index.php sql injection

A vulnerability was found in SourceCodester Loan Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. The exploit has be...

Ubuntu 18.04 LTS / 20.04 LTS : phpLiteAdmin vulnerability (USN-5552-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5552-1 advisory. It was discovered that phpLiteAdmin incorrectly handled certain GET requests. An attacker could possibly use this issue to perform cross-site scriptin...

Sql injection

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been classified as critical. This affects an unknown part of the file index.php. The manipulation of the argument username with the input ' AND SELECT 4955 FROM SELECTSLEEP5RSzF AND 'htiy'='htiy leads to s...

PT-2022-18069 · Unknown · Sourcecodester Apartment Visitor Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Apartment Visitor Management System version 1.0 Description: A critical issue has been found, affecting an unknown part of the file index.php. The manipulation of the username argument with a specific input leads to SQL...

CVE-2022-2646

A vulnerability, which was classified as problematic, was found in SourceCodester Online Admission System. Affected is an unknown function of the file index.php. The manipulation of the argument eid with the input 8alert1 leads to cross site scripting. It is possible to launch the attack remotely...

Cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Online Admission System. Affected is an unknown function of the file index.php. The manipulation of the argument eid with the input 8alert1 leads to cross site scripting. It is possible to launch the attack remotely...

CVE-2022-2646

SourceCodester Online Admission System is affected by a cross-site scripting vulnerability in an unknown function of index.php. The eid parameter can be manipulated with input such as 8, allowing remote exploitation. Multiple connected reports corroborate the flaw and its remote abuse. Several so...

CVE-2022-34580

CVE-2022-34580 affects Advanced School Management System v1.0. The issue is a cross-site scripting (XSS) vulnerability exploitable via the address parameter at ip/school/index.php. Documented CVSS: 4.8 (MEDIUM) with network attack vector, high privileges required and user interaction. APT/Exploit...

CVE-2017-20126 KB Affiliate Referral Script index.php sql injection

A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. It is possible to initiate the attack remotely...

CVE-2017-20126 KB Affiliate Referral Script index.php sql injection

A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. It is possible to initiate the attack remotely...

Cross-Site Request Forgery (CSRF)

microweber/microweber is vulnerable to cross site request forgery. The vulnerability exists due to a dom XSS in index.php because the user input for type parameter is not properly escaped which allows an attacker to steal tokens and gain access to sensitive information resulting a csrf...

CVE-2022-32055

Inout Homestay v2.2 was discovered to contain a SQL injection vulnerability via the guests parameter at /index.php?page=search/rentals...

CVE-2022-31856

Newsletter Module v3.x was discovered to contain a SQL injection vulnerability via the zemeznewsletteremail parameter at /index.php...

CVE-2022-31856

CVE-2022-31856 affects Newsletter Module v3.x with a SQL injection in the zemez_newsletter_email parameter at /index.php. Root cause is improper handling of this input, enabling unauthenticated network-exposed injection with high/critical impact on confidentiality, integrity, and availability (CV...

CVE-2021-39408

Cross Site Scripting XSS vulnerability exists in Online Student Rate System 1.0 via the page parameter on the index.php file...

CVE-2021-39408

The CVE-2021-39408 entry applies to Online Student Rate System v1.0. Affected: index.php page parameter handling in the application. Root cause: lack of input validation/escaping of user-supplied data in the page parameter leading to Cross-Site Scripting (XSS). Impact: attacker could cause client...

CVE-2021-39408

Cross Site Scripting XSS vulnerability exists in Online Student Rate System 1.0 via the page parameter on the index.php file...