528 matches found
Scholars Tracking System Security Vulnerability
Scholars Tracking System is a scholars tracking system by Fabian Ros Individual Developers. A security vulnerability exists in Scholars Tracking System version 1.0, which stems from the vulnerability to SQL injection attacks via PublisherID...
CVE-2024-24099
CVE-2024-24099 affects Code-projects Scholars Tracking System 1.0. Multiple sources (NVD, Red Hat, CNVD, CNVD-like entries, CVE list) describe a SQL Injection vulnerability in the Employment Status Information Update. Root cause: lack of validation for externally supplied SQL statements. Impact i...
CVE-2024-24099
Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Employment Status Information Update...
PT-2024-20270 · Unknown · Code-Projects Scholars Tracking System
Name of the Vulnerable Software and Affected Versions: Code-projects Scholars Tracking System version 1.0 Description: The issue is related to SQL Injection under Employment Status Information Update. This allows for potential exploitation of the system's database. Recommendations: For...
CVE-2023-6724
Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse.This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...
CVE-2023-6724
Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...
Authorization
Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse.This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...
CVE-2023-6724
CVE-2023-6724 describes an Authorization Bypass Through User-Controlled Key in the Hearing Tracking System used by Simgesel/Software Engineering Consultancy Machine Equipment Limited Company. The underlying issue is an authorization bypass (IDOR-like) that enables authentication abuse. Documented...
CVE-2023-6724 IDOR in Simgesel Software's Hearing Tracking System (Barosel)
Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...
CVE-2023-6724 IDOR in Simgesel Software's Hearing Tracking System (Barosel)
Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...
Hearing Tracking System Security Vulnerability
Simgesel Hearing Tracking System is a hearing tracking system from the Turkish company Simgesel. A security vulnerability exists in Hearing Tracking System that originated from allowing authorization bypass...
CVE-2023-50729
CVE-2023-50729 affects Traccar before version 5.11, due to an unrestricted file upload vulnerability in the File feature. The issue allows an attacker to execute arbitrary code on the server and is particularly risky because Traccar can operate with root privileges and can write to arbitrary loca...
CVE-2023-7134
A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument page leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to...
CVE-2023-7134
A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument page leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to...
Path traversal
A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument page leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to...
CVE-2023-7134
CVE-2023-7134 affects SourceCodester Medicine Tracking System 1.0. A path traversal flaw exists in the page parameter (e.g., ../filedir) that can be triggered remotely. Public exploit information is available; CVSS metrics indicate high impact on confidentiality, integrity, and availability in th...
CVE-2023-7134 SourceCodester Medicine Tracking System path traversal
A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument page leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to...
CVE-2023-7134 SourceCodester Medicine Tracking System path traversal
A vulnerability was found in SourceCodester Medicine Tracking System 1.0. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument page leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to...
CVE-2023-7123
A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0. This issue affects some unknown processing of the file /classes/Master.php? f=savemedicine. The manipulation of the argument id/name/description leads to sql injection. The attack may...
CVE-2023-7123
A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0. This issue affects some unknown processing of the file /classes/Master.php? f=savemedicine. The manipulation of the argument id/name/description leads to sql injection. The attack may...