3773 matches found
CVE-2024-7168
A vulnerability was found in SourceCodester School Fees Payment System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /manageuser.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit...
CVE-2024-7167
A vulnerability was found in SourceCodester School Fees Payment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /managecourse.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...
CVE-2024-7116
A vulnerability was found in MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911. It has been rated as critical. This issue affects some unknown processing of the file /branchviewmore.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotel...
CVE-2024-6952
CVE-2024-6952 affects itsourcecode University Management System 1.0. The vulnerability is in the file /view_single_result.php?vr=123321&vn=mirage, where manipulation of the seme argument leads to SQL injection. Reports indicate the issue is exploitable remotely and the exploit has been disclosed ...
CVE-2024-6808
A vulnerability was found in itsourcecode Simple Task List 1.0. It has been classified as critical. This affects the function insertUserRecord of the file signUp.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2024-6735
Summary: CVE-2024-6735 affects itsourcecode Tailoring Management System 1.0. The vulnerability resides in the file setgeneral.php, where manipulating the parameters sitename, email, mobile, sms, or currency can trigger SQL injection. Exploitation appears remote and has been publicized. Technical ...
CVE-2024-6734
CVE-2024-6734 : A SQL injection flaw exists in itsourcecode Tailoring Management System 1.0, originating in the templateadd.php file. The vulnerability is triggered by manipulating the title/msg parameters, enabling remote attackers to execute arbitrary SQL. Exploitation is feasible remotely and ...
CVE-2024-37871
SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the email parameter...
CVE-2024-6419
CVE-2024-6419 describes a SQL injection in SourceCodester Medicine Tracker System 1.0, affecting unknown code path /classes/Master.php?f=save_medicine where the id parameter is manipulated to exploit the vulnerability. It is remotely exploitable and has been publicly disclosed. Multiple connected...
CVE-2024-6016
A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry Management System 1.0. Affected by this issue is some unknown functionality of the file adminclass.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...
CVE-2024-6009
CVE-2024-6009 affects itsourcecode Event Calendar 1.0. The vulnerability resides in regConfirm/regDelete in process.php, where manipulating the userId parameter enables SQL injection. Exploitation is remote and the vulnerability has been publicly disclosed. Mitigations documented in connected sou...
CVE-2024-5983
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file bookPerPub.php. The manipulation of the argument pubid leads to sql injection. The attack can be launched remotely. The exploit...
CVE-2024-5774
A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack c...
CVE-2024-5772
CVE-2024-5772 affects Netentsec NS-ASG Application Security Gateway 6.3. The vulnerability arises from handling of the messagecontent parameter in /protocol/iscuser/deleteiscuser.php, where improper input handling allows SQL injection. Impact is described as high confidentiality, integrity, and a...
CVE-2024-5589
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /admin/configMT.php?action=delete. The manipulation of the argument Mid leads to sql injection. It is possible to initiate the attack...
CVE-2024-5517
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file changepwd.php. The manipulation of the argument useremail leads to sql injection. The attack may be launched remotely...
CVE-2024-5515
A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2024-5360
A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/foreigner-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can be initiated...
CVE-2024-5119
A vulnerability was found in SourceCodester Event Registration System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Master.php?f=loadregistration. The manipulation of the argument lastid/eventid leads to sql injection. The attack may be initiated...
CVE-2024-5099
A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched remotely. The exploit has...