259 matches found
CVE-2024-7636
A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file authenticate.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attac...
SourceCodester Tracking Monitoring Management System SQL注入漏洞
SourceCodester Tracking Monitoring Management System is a monitoring management system from SourceCodester Inc. A SQL injection vulnerability exists in the SourceCodester Tracking Monitoring Management System version 1.0, which is caused by an SQL injection vulnerability in the username parameter...
CVE-2024-7286
A vulnerability was found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument username leads to sql injection. The...
CVE-2024-24507
Cross Site Scripting vulnerability in Act-On 2023 allows a remote attacker to execute arbitrary code via the newUser parameter in the login.jsp component...
CVE-2024-6957
A vulnerability classified as critical has been found in itsourcecode University Management System 1.0. This affects an unknown part of the file functions.php of the component Login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely...
PT-2024-37996 · Unknown · Itsourcecode University Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode University Management System version 1.0 Description: A critical issue has been found in the itsourcecode University Management System. This issue affects the Login component, specifically the file functions.php. The manipulation...
PT-2024-37841 · Unknown · Simple Ticket Booking
Name of the Vulnerable Software and Affected Versions: Simple Ticket Booking version 1.0 Description: A critical issue has been found in the Login component of the affected software, specifically in the file adminauthenticate.php. The manipulation of the email and password arguments leads to SQL...
Sourcecodester Stock Management System SQL Injection Vulnerability
Sourcecodester Stock Management System is an inventory management system. A SQL injection vulnerability exists in SourceCodester Stock Management System version 1.0, which originates from an unknown function in index.php in the component Login that allows an attacker to perform SQL injection via...
CVE-2024-5463
A vulnerability regarding buffer copy without checking the size of input 'Classic Buffer Overflow' has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors...
CVE-2024-5463
A vulnerability regarding buffer copy without checking the size of input 'Classic Buffer Overflow' has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors...
PT-2024-36392 · Synology · Synology Camera Firmware
Name of the Vulnerable Software and Affected Versions: Synology Camera Firmware versions prior to 1.1.1-0383 Description: A buffer copy issue without input size checking, known as a 'Classic Buffer Overflow', has been found in the login component. This allows remote attackers to conduct...
CVE-2024-33485
CASAP Automated Enrollment System, version V1.0, contains a SQL Injection in the login.php component (PHP/MySQLi) that could allow a remote attacker to leak sensitive information. Root cause: improper handling of user input in SQL queries. Mitigation in the connected document: disable the login f...
CVE-2024-30801
SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a local attacker to execute arbitrary code via a crafted payload to Login.asp component...
CVE-2024-30802
An issue in Vehicle Management System 7.31.0.320230412 allows an attacker to escalate privileges via the login.html component...
CVE-2024-30802
An issue in Vehicle Management System 7.31.0.320230412 allows an attacker to escalate privileges via the login.html component...
PT-2024-23618 · Unknown · Cloud Based Customer Service Management Platform
Name of the Vulnerable Software and Affected Versions: Cloud based customer service management platform version 1.0.0 Description: The issue allows a local attacker to execute arbitrary code via a crafted payload to the "Login.asp" component. This is related to a SQL Injection vulnerability...
NorthStarC2 跨站脚本漏洞
NorthStarC2 is an open source command and control framework by Engin Individual Developers. A cross-site scripting vulnerability exists in NorthStarC2 v1 that originates from allowing remote attackers to execute arbitrary code via the login.php component...
iboss Secure Web Gateway 跨站脚本漏洞
iboss Secure Web Gateway is a web security solution from iboss designed to help organizations protect their networks from cyber threats and malicious activity. A cross-site scripting vulnerability exists in iboss Secure Web Gateway version 10.1 and earlier, which stems from a cross-site scripting...
CVE-2024-28741
Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component...
Cross site scripting
Cross Site Scripting XSS vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the login.php component...