CVE-2024-6898

A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file index.php. The manipulation of the argument UserName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-6803

A vulnerability has been found in itsourcecode Document Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file insert.php. The manipulation of the argument anothercont leads to sql injection. The attack can be launched remotely. Th...

CVE-2024-6732

A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. This vulnerability affects unknown code of the file /sscdms/classes/Users.php?f=save. The manipulation of the argument id leads to sql injection. The attack can be initiated remotel...

CVE-2024-6729

A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /control/addact.php. The manipulation of the argument aname leads to sql injection. The attack can be initiated...

CVE-2024-6470

A vulnerability was found in playSMS 1.4.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php?app=main&inc=featureinboxgroup&op=list of the component Template Handler. The manipulation of the argument Receiver Number with the input id...

CVE-2024-6470

A vulnerability was found in playSMS 1.4.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php?app=main&inc=featureinboxgroup&op=list of the component Template Handler. The manipulation of the argument Receiver Number with the input id...

CVE-2024-6470

CVE-2024-6470 affects playSMS 1.4.3 in the Template Handler, specifically the /index.php?app=main&inc=feature_inboxgroup&op=list endpoint. The vulnerability arises from injection via the id argument (also described as manipulation of Receiver Number/id in the Template Handler’s list functionality...

CVE-2024-6469

A vulnerability was found in playSMS 1.4.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php?app=main&inc=featurefirewall&op=firewalllist of the component Template Handler. The manipulation of the argument IP address with the...

CVE-2024-6469

A vulnerability was found in playSMS 1.4.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php?app=main&inc=featurefirewall&op=firewalllist of the component Template Handler. The manipulation of the argument IP address with the...

PT-2024-37650 · Playsms · Playsms

Name of the Vulnerable Software and Affected Versions: playSMS version 1.4.3 Description: A vulnerability was found in the Template Handler component, specifically in the file /index.php?app=main&inc=feature firewall&op=firewall list. The manipulation of the id argument leads to injection. The...

CVE-2024-6016

A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry Management System 1.0. Affected by this issue is some unknown functionality of the file adminclass.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...

CVE-2024-6015

A vulnerability classified as critical was found in itsourcecode Online House Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file manageuser.php. The manipulation of the argument monthof leads to sql injection. The attack can be launched remotely. The exploit...

CVE-2023-35859

A Reflected Cross-Site Scripting XSS vulnerability in the blog function of Modern Campus - Omni CMS 2023.1 allows a remote attacker to inject arbitrary scripts or HTML via multiple parameters...

ROS-20240611-16

A vulnerability in the gitpython package is related to external git calls without sufficiently cleaning up input arguments. Exploitation of the vulnerability could allow an attacker acting remotely to inject a malicious remote URL into a clone command...

CVE-2024-5394

A vulnerability was found in itsourcecode Online Student Enrollment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file newDept.php. The manipulation of the argument deptname leads to sql injection. The attack can be initiated remotely. The exploit ha...

CVE-2024-5366

A vulnerability has been found in SourceCodester Best House Rental Management System up to 1.0 and classified as critical. This vulnerability affects unknown code of the file edit-cate.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The explo...

CVE-2024-5233

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/teachersalarydetails3.php. The manipulation of the argument index leads to sql injection. The attack can be initiated...

CVE-2024-5051

A vulnerability has been found in SourceCodester Gas Agency Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file edituser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2024-28761

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force I...

CVE-2024-3422

A vulnerability was found in SourceCodester Online Courseware 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/activatestud.php. The manipulation of the argument selector leads to sql injection. The attack can be initiated remotely. The exploit has...