CVE-2024-6112

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument logemail leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-6112 itsourcecode Pool of Bethesda Online Reservation System index.php sql injection

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument logemail leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-6112 itsourcecode Pool of Bethesda Online Reservation System index.php sql injection

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument logemail leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-37800

CodeProjects Restaurant Reservation System v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the Date parameter at index.php...

PT-2024-27759

Name of the Vulnerable Software and Affected Versions CodeProjects Restaurant Reservation System version 1.0 Description The issue is related to a reflected cross-site scripting XSS vulnerability. This vulnerability occurs via the Date parameter at the "index.php" endpoint. There is no informatio...

CVE-2024-6065 itsourcecode Bakery Online Ordering System index.php sql injection

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument useremail leads to sql injection. The attack may be initiated remotely. The exploit has be...

CVE-2024-6065

CVE-2024-6065 affects itsourcecode Bakery Online Ordering System v1.0. The vulnerability is a SQL injection in index.php caused by manipulation of the user_email parameter. It is network-based and can be triggered remotely; the exploit has been publicly disclosed. Connected sources confirm the is...

CVE-2024-6065 itsourcecode Bakery Online Ordering System index.php sql injection

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument useremail leads to sql injection. The attack may be initiated remotely. The exploit has be...

iBarn Security Vulnerabilities

iBarn is an application by zhimengzhe personal developer. It provides file network backup, synchronization and sharing services. A security vulnerability exists in iBarn v1.5, which originates from a reflected cross-site scripting XSS vulnerability contained in the $search parameter on /index.php...

PT-2024-27682 · Unknown · Zhimengzhe Ibarn

Name of the Vulnerable Software and Affected Versions: zhimengzhe iBarn version 1.5 Description: A reflected cross-site scripting XSS issue was discovered, which can be exploited via the search parameter at the "/index.php" API endpoint. This allows for potentially malicious scripts to be execute...

CVE-2024-37625

zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting XSS vulnerability via the $search parameter at /index.php...

CVE-2024-5985 SourceCodester Best Online News Portal index.php sql injection

A vulnerability classified as critical has been found in SourceCodester Best Online News Portal 1.0. This affects an unknown part of the file /admin/index.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-5673

Vulnerability in Dulldusk's PHP File Manager affecting version 1.7.8. This vulnerability consists of an XSS through the fmcurrentdir parameter of index.php. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially hijack their browser session...

CVE-2024-5636 itsourcecode Bakery Online Ordering System index.php sql injection

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file report/index.php. The manipulation of the argument procduct leads to sql injection. The attack may be launched remotely. The...

CVE-2024-5636 itsourcecode Bakery Online Ordering System index.php sql injection

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file report/index.php. The manipulation of the argument procduct leads to sql injection. The attack may be launched remotely. The...

CVE-2024-5635 itsourcecode Bakery Online Ordering System index.php sql injection

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument txtsearch leads to sql injection. The attack can be launched remotely...

CVE-2024-33999 moodle: unsafe direct use of $_SERVER['HTTP_REFERER'] in admin/tool/mfa/index.php

The referrer URL used by MFA required additional sanitizing, rather than being used directly...

Cross-Site Scripting

phpservermon/phpservermon is vulnerable to Cross-Site Scripting. The vulnerability is due to the lack of proper validation of input parameters in index.php, which allows an attacker to create a specially crafted URL and send it to a victim, to retrieve their session details...

CVE-2024-5384

A vulnerability classified as critical was found in SourceCodester Facebook News Feed Like 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to sql injection. The attack can be initiated remotely. VDB-266302 is the identifier assigned ...

CVE-2024-5384 SourceCodester Facebook News Feed Like index.php sql injection

A vulnerability classified as critical was found in SourceCodester Facebook News Feed Like 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to sql injection. The attack can be initiated remotely. VDB-266302 is the identifier assigned ...