431 matches found
Sales Tracker Management System SQL Injection Vulnerability
Sales Tracker Management System is a sales tracker management system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in SourceCodester Sales Tracker Management System version 1.0, which stems from some security issues with a function in the file classes/Master.php, which...
PT-2023-16646 · Unknown · Sourcecodester Music Gallery Site
Name of the Vulnerable Software and Affected Versions: SourceCodester Music Gallery Site version 1.0 Description: A critical issue has been found in the SourceCodester Music Gallery Site, affecting the Master.php file of the GET Request Handler component. The manipulation of the id argument leads...
SUSE CVE-2017-1000113
The Deploy to container Plugin stored passwords unencrypted as part of its configuration. This allowed users with Jenkins master local file system access, or users with Extended Read access to the jobs it is used in, to retrieve those passwords. The Deploy to container Plugin now integrates with...
SUSE CVE-2017-1000387
Jenkins Build-Publisher plugin version 1.21 and earlier stores credentials to other Jenkins instances in the file hudson.plugins.buildpublisher.BuildPublisher.xml in the Jenkins master home directory. These credentials were stored unencrypted, allowing anyone with local file system access to acce...
SUSE CVE-2018-6356
Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should not have access to. On...
SUSE CVE-2018-11727
The libfsntfs_attribute_read_from_mft function in libfsntfs_attribute.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs issue 8 on GitHub...
SUSE CVE-2021-35269
NTFS-3G versions 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges...
Helmet Store Showroom Site SQL Injection Vulnerability
Helmet Store Showroom Site is a platform by Carlo Montero Personal Developer. Allows potential customers of Inquiries Stores to virtually display helmet products. A security vulnerability exists in Helmet Store Showroom Site v1.0, which stems from the id parameter of its...
PT-2022-27165 · Unknown · Automotive Shop Management System
Name of the Vulnerable Software and Affected Versions: Automotive Shop Management System version 1.0 Description: The issue allows deletion of any file via the "/asms/classes/Master.php?f=delete_img" API endpoint. Recommendations: For Automotive Shop Management System version 1.0, as a temporary...
PT-2022-27201 · Unknown · Automotive Shop Management System
Name of the Vulnerable Software and Affected Versions: Automotive Shop Management System version 1.0 Description: The issue concerns a SQL vulnerability in the Automotive Shop Management System. The vulnerability can be exploited via the /asms/classes/Master.php?f=delete_mechanic API endpoint...
Automotive Shop Management System SQL Injection Vulnerability
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in its...
Automotive Shop Management System SQL Injection Vulnerability
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability that originates in the /asms/classes/Master.php?f=deleteservice component that lacks validation of...
Online Pet Shop We App SQL Injection Vulnerability
Online Pet Shop We App is an online pet store web application by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Online Pet Shop We App version 1.0, which originates from a lack of validation of externally entered SQL statements in the...
Simple Task Scheduling System SQL Injection Vulnerability
Simple Task Scheduling System is a simple task scheduling system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Simple Task Scheduling System v1.0, which stems from a security issue with the id parameter in /classes/Master.php?f=deletestudent...
Simple Task Scheduling System SQL Injection Vulnerability
Simple Task Scheduling System is a simple task scheduling system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Simple Task Scheduling System v1.0, which stems from a security issue with the id parameter in classes/Master.php?f=deleteschedule...
CVE-2022-36696
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletestockout...
CVE-2022-32318
Fast Food Ordering System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via the component /ffos/classes/Master.php?f=savecategory...
CVE-2022-33060
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteschedule...
Online Railway Reservation System SQL Injection Vulnerability
SourceCodester Online Railway Reservation System is a web-based application that provides an online platform for rail or train station passengers or potential passengers to browse their schedules and reserve seats. SourceCodester Online Railway Reservation System v1.0 is vulnerable to a SQL...
The vulnerability of the ntfs_mft_rec_alloc function in the NTFS file system, which allows a hacker to execute arbitrary code with elevated privileges through the FUSE NTFS-3G module.
The vulnerability of the ntfs_mft_rec_alloc function in the NTFS file system relates to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges using a specially created NTFS image file...