Sql injection

A vulnerability classified as critical was found in keerti1924 Online-Book-Store-Website 1.0. This vulnerability affects unknown code of the file /home.php of the component HTTP POST Request Handler. The manipulation of the argument productname leads to sql injection. The attack can be initiated...

Sql injection

A vulnerability classified as critical has been found in keerti1924 Online-Book-Store-Website 1.0. This affects an unknown part of the file /shop.php of the component HTTP POST Request Handler. The manipulation of the argument productname leads to sql injection. It is possible to initiate the...

CVE-2024-2272

CVE-2024-2272 affects the keerti1924 Online-Book-Store-Website v1.0. The vulnerability resides in the HTTP POST handler for /home.php where manipulating the product_name parameter enables an SQL injection. The issue is remote and has publicly disclosed exploits. References consistently identify t...

CVE-2024-2271

The CVE-2024-2271 entry affects keerti1924 Online-Book-Store-Website 1.0. A vulnerability in the HTTP POST Request Handler affects the /shop.php file, where the product_name parameter is susceptible to SQL injection. The issue can be exploited remotely, and public disclosures of the exploit exist...

CVE-2024-2168

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/operations/expensecategory.php of the component HTTP POST Request Handler. The manipulation of the argument status leads...

CVE-2024-2168 SourceCodester Online Tours & Travels Management System HTTP POST Request expense_category.php sql injection

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/operations/expensecategory.php of the component HTTP POST Request Handler. The manipulation of the argument status leads...

CVE-2024-2168

CVE-2024-2168 pertains to SourceCodester Online Tours & Travels Management System 1.0. Affects an unknown function in the file /admin/operations/expense_category.php on the HTTP POST Request Handler, where manipulating the status argument triggers a SQL injection. The vulnerability allows remote ...

The vulnerability of the API PUT Request Handler component of the software platform based on Git, which is used for collaborative code development in GitLab, allows a malicious actor to execute arbitrary API PUT requests.

The vulnerability of the API PUT Request Handler component of the software platform based on Git for collaborative code development on GitLab exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows an attacker to execute arbitrary API PUT...

Information disclosure

The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and including, 2.0.22. This makes it possible for authenticated attackers, with subscriber-level acce...

Sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Testimonial Page Manager 1.0. This issue affects some unknown processing of the file delete-testimonial.php of the component HTTP GET Request Handler. The manipulation of the argument testimony leads to sql...

CVE-2024-1196

A vulnerability classified as problematic was found in SourceCodester Testimonial Page Manager 1.0. This vulnerability affects unknown code of the file add-testimonial.php of the component HTTP POST Request Handler. The manipulation of the argument name/description/testimony leads to cross site...

CVE-2024-1196 SourceCodester Testimonial Page Manager HTTP POST Request add-testimonial.php cross site scripting

A vulnerability classified as problematic was found in SourceCodester Testimonial Page Manager 1.0. This vulnerability affects unknown code of the file add-testimonial.php of the component HTTP POST Request Handler. The manipulation of the argument name/description/testimony leads to cross site...

PT-2024-20530 · Bref · Bref

Name of the Vulnerable Software and Affected Versions: Bref versions prior to 2.1.13 Description: The issue arises when Bref is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface. In this scenario, the Lambda event is converted to a PSR7 object. During the...

The vulnerability of the POST Request Handler component in Trendnet’s microprogrammed routing software TEW-800MB allows a attacker to execute arbitrary commands.

The vulnerability of the POST Request Handler component in Trendnet’s TEW-800MB router software lies in insufficient validation of the DeviceURL parameter used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands or cause service...

The vulnerability of the /admin_ping.htm file of the POST Request Handler component in the microprogramming software for Trendnet TEW-822DRE allows a attacker to execute arbitrary commands.

The vulnerability of the /adminping.htm file of the POST Request Handler component in the microprogramming system of the Trendnet TEW-822DRE router lies in the insufficient checking of the ipv4ping/ipv6ping argument passed in the command. Exploiting this vulnerability allows a remote attacker to...

CVE-2024-1021

A vulnerability, which was classified as critical, has been found in Rebuild up to 3.5.5. Affected by this issue is the function readRawText of the component HTTP Request Handler. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The...

Server side request forgery (ssrf)

A vulnerability, which was classified as critical, has been found in Rebuild up to 3.5.5. Affected by this issue is the function readRawText of the component HTTP Request Handler. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The...

CVE-2024-1021 Rebuild HTTP Request readRawText server-side request forgery

A vulnerability, which was classified as critical, has been found in Rebuild up to 3.5.5. Affected by this issue is the function readRawText of the component HTTP Request Handler. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The...

Rebuild Security Vulnerability

Rebuild is a highly customizable enterprise management system. A security vulnerability exists in Rebuild version 3.5.5 due to a server-side request forgery vulnerability in the url parameter of the readRawText function of the HTTP Request Handler component...

PT-2024-16118 · Rebuild · Rebuild

Name of the Vulnerable Software and Affected Versions: Rebuild versions up to 3.5.5 Description: A critical issue has been found in the function readRawText of the component HTTP Request Handler. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...