CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

PT-2024-30167 · Unknown · Kashipara Music Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Music Management System version 1.0 Description: The issue is related to Incorrect Access Control. It can be found in the /music/ajax.php endpoint, specifically when the action parameter is set to save user. This allows for...

CVE-2024-42793

A Cross-Site Request Forgery CSRF vulnerability was found in Kashipara Music Management System v1.0 via a crafted request to the /music/ajax.php?action=saveuser page...

CVE-2024-7367

A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit...