CVE-2024-8570

CVE-2024-8570 concerns a SQL injection vulnerability in Itsourcecode Tailoring Management System v1.0, specifically in the file /inccatadd.php where the title parameter can be manipulated. The issue is exploitable remotely over the network, and multiple sources indicate the exploit has been publi...

PT-2024-39107 · Unknown · Itsourcecode Tailoring Management System

Name of the Vulnerable Software and Affected Versions: Itsourcecode Tailoring Management System version 1.0 Description: A critical issue was found in the Itsourcecode Tailoring Management System, affecting some unknown functionality of the file /inccatadd.php. The manipulation of the title...

itsourcecode Alton Management System 安全漏洞

itsourcecode Alton Management System is an online restaurant management system from itsourcecode open source. A security vulnerability exists in version 1.0 of itsourcecode Alton Management System, which stems from vulnerability to SQL injection via the menu parameter in file /noncombosave.php...

CVE-2024-8220

The CVE-2024-8220 entry concerns itsourcecode Tailoring Management System 1.0. Affected component: staffedit.php. Root cause: manipulation of parameters id, stafftype, address, fullname, phonenumber, and salary enables SQL injection. Vector: remote, network-based; exploit has been disclosed publi...

CVE-2024-8216 nafisulbari/itsourcecode Insurance Management System Payment editPayment.php access control

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument reciptno leads to...

CVE-2024-8216 nafisulbari/itsourcecode Insurance Management System Payment editPayment.php access control

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument reciptno leads to...

CVE-2024-8209

A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file addClient.php. The manipulation of the argument CLIENT ID leads to cross site scripting. The attack may be launched...

CVE-2024-8208

A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editClient.php. The manipulation of the argument AGENT ID leads to cross site scripting. The attack can ...

CVE-2024-8209 nafisulbari/itsourcecode Insurance Management System addClient.php cross site scripting

A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file addClient.php. The manipulation of the argument CLIENT ID leads to cross site scripting. The attack may be launched...

CVE-2024-8208 nafisulbari/itsourcecode Insurance Management System editClient.php cross site scripting

A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editClient.php. The manipulation of the argument AGENT ID leads to cross site scripting. The attack can ...

CVE-2024-8171

A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file staffcatedit.php. The manipulation of the argument title leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

CVE-2024-8171

A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file staffcatedit.php. The manipulation of the argument title leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

CVE-2024-8171

CVE-2024-8171 affects the Tailoring Management System v1.0. The vulnerability resides in an insecure handling of the parameter title in the file staffcatedit.php , enabling SQL injection when the parameter is manipulated. This is described as a remotely initiable vulnerability with the exploit pu...

CVE-2024-8139

A vulnerability has been found in itsourcecode E-Commerce Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file searchlist.php. The manipulation of the argument user leads to sql injection. The attack can be launched remotely. The exploit h...

CVE-2024-8139

CVE-2024-8139 affects itsourcecode E-Commerce Website 1.0. The issue is a SQL injection in the search_list.php logic triggered by manipulating the user parameter, exploitable remotely. Multiple connected sources confirm the vulnerability and public exploit disclosure. Remediation: upgrade to vers...

itsourcecode E-Commerce Website SQL注入漏洞

itsourcecode E-Commerce Website is an e-commerce website of itsourcecode open source. A SQL injection vulnerability exists in itsourcecode E-Commerce Website version 1.0, which stems from improper handling of the parameter user and could lead to an SQL injection attack...

CVE-2024-42918

itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php...

PT-2024-30205 · Unknown · Itsourcecode Online Accreditation Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Accreditation Management System affected versions not specified Description: The itsourcecode Online Accreditation Management System contains a Cross Site Scripting issue, allowing an attacker to execute arbitrary code via...

CVE-2024-8081

A vulnerability classified as critical was found in itsourcecode Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2024-8081

The CVE-2024-8081 issue affects itsourcecode Payroll Management System 1.0, where the login.php file’s username parameter is vulnerable to SQL injection. It is exploitable remotely, and public disclosures exist. The known remediation/mitigation from connected details includes temporary workaround...