Sql injection

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function updatecart of the file /oews/classes/Master.php?f=updatecart of the component HTTP POST Request Handler. The manipulation of the argument cartid leads to sql injectio...

CVE-2022-4276

A vulnerability was found in House Rental System and classified as critical. Affected by this issue is some unknown functionality of the file tenant-engine.php of the component POST Request Handler. The manipulation of the argument idphoto leads to unrestricted upload. The attack may be launched...

CVE-2022-4275

A vulnerability has been found in House Rental System and classified as critical. Affected by this vulnerability is an unknown functionality of the file search-property.php of the component POST Request Handler. The manipulation of the argument searchproperty leads to sql injection. The attack ca...

Sql injection

A vulnerability has been found in House Rental System and classified as critical. Affected by this vulnerability is an unknown functionality of the file search-property.php of the component POST Request Handler. The manipulation of the argument searchproperty leads to sql injection. The attack ca...

House Rental System 代码问题漏洞

House Rental System is a rental management system that allows you to add, modify and delete listings and to place reservations. A security vulnerability exists in House Rental System due to unknown functionality in the component POST request handler file tenant-engine.php, where the operation of...

Cross site scripting

A vulnerability, which was classified as problematic, was found in Movie Ticket Booking System. Affected is an unknown function of the component POST Request Handler. The manipulation of the argument ORDERID leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

CVE-2022-4249 Movie Ticket Booking System POST Request cross site scripting

A vulnerability, which was classified as problematic, was found in Movie Ticket Booking System. Affected is an unknown function of the component POST Request Handler. The manipulation of the argument ORDERID leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

Movie Ticket Booking System 跨站脚本漏洞

Movie Ticket Booking System is a movie ticket booking system by the individual developer Aman sharma. A security vulnerability exists in Movie Ticket Booking System, which stems from a problem with the unknown functionality of the component POST Request Handler, where manipulation of the paramete...

PT-2022-26456 · Unknown · Movie Ticket Booking System

Name of the Vulnerable Software and Affected Versions: Movie Ticket Booking System affected versions not specified Description: A problematic issue was found in the Movie Ticket Booking System, affecting an unknown function of the component POST Request Handler. The manipulation of the ORDER ID...

CVE-2022-4249

CVE-2022-4249 affects the Movie Ticket Booking System. Affected component: POST Request Handler. Root cause: manipulation of the ORDER_ID argument leads to a Cross-Site Scripting (XSS) vulnerability. Impact: allows remote exploitation; attacker can inject script via ORDER_ID. Public exploit/usage...

CVE-2022-4222

A vulnerability was found in SourceCodester Canteen Management System. It has been rated as critical. This issue affects the function query of the file ajaxinvoice.php of the component POST Request Handler. The manipulation of the argument search leads to sql injection. The attack may be initiate...

CVE-2022-4222

A vulnerability was found in SourceCodester Canteen Management System. It has been rated as critical. This issue affects the function query of the file ajaxinvoice.php of the component POST Request Handler. The manipulation of the argument search leads to sql injection. The attack may be initiate...

CVE-2022-4222

CVE-2022-4222 affects SourceCodester Canteen Management System. The vulnerability exists in the POST Request Handler’s function ajax_invoice.php, where manipulation of the parameter that accepts the search value enables a SQL injection. Remote exploitation is suggested by the description. Public ...

CVE-2022-2676

A vulnerability was found in SourceCodester Electronic Medical Records System and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument useremail leads to sql injection. The attack may be launched...

Sql injection

A vulnerability was found in SourceCodester Electronic Medical Records System and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument useremail leads to sql injection. The attack may be launched...

CVE-2022-2676 SourceCodester Electronic Medical Records System POST Request sql injection

A vulnerability was found in SourceCodester Electronic Medical Records System and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument useremail leads to sql injection. The attack may be launched...

CVE-2022-2673

A vulnerability was found in Rigatur Online Booking and Hotel Management System aff6409. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Request Handler. The manipulation of the argument email/pass leads to s...

CVE-2022-2673 Rigatur Online Booking and Hotel Management System POST Request login.php sql injection

A vulnerability was found in Rigatur Online Booking and Hotel Management System aff6409. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Request Handler. The manipulation of the argument email/pass leads to s...

CVE-2022-2664 Private Cloud Management Platform POST Request global_config_query improper authentication

A vulnerability classified as critical has been found in Private Cloud Management Platform. Affected is an unknown function of the file /management/api/rcxmanagement/globalconfigquery of the component POST Request Handler. The manipulation leads to improper authentication. It is possible to launc...