288 matches found
CVE-2024-7283
A vulnerability, which was classified as critical, has been found in SourceCodester Lot Reservation Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/manageuser.php. The manipulation of the argument id leads to sql injection. The attack may be launched...
PT-2024-38130 · Unknown · Sourcecodester School Fees Payment System
Name of the Vulnerable Software and Affected Versions: SourceCodester School Fees Payment System version 1.0 Description: A critical issue affects some unknown functionality of the file /manage user.php. The manipulation of the id argument leads to sql injection. The attack can be launched...
PT-2024-37946 · Unknown · Sourcecodester Record Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Record Management System version 1.0 Description: A critical issue has been found in the SourceCodester Record Management System, affecting the file view info user.php. The manipulation of the id argument leads to SQL injection...
PT-2024-37338 · Unknown · Itsourcecode Farm Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Gym Management System version 1.0 Description: A critical issue was found in the itsourcecode Gym Management System, affecting an unknown functionality of the file manage user.php. The manipulation of the id argument leads to SQL...
CVE-2024-36119
Statamic is a, Laravel + Git powered CMS designed for building websites. In affected versions users registering via the user:registerform tag will have their password confirmation stored in plain text in their user file. This only affects sites matching all of the following conditions: 1. Running...
PT-2024-35796 · Sourcecodester · Best House Rental Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0 Description: A critical issue was found in the manage user.php file, where the manipulation of the id argument leads to sql injection. This issue can be exploited remotely...
CVE-2024-5031
The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary...
WordPress MemberPress plugin <= 1.11.29 - Authenticated (Contributor+) Blind Server-Side Request Forgery via mepr-user-file Shortcode vulnerability
Authenticated Contributor+ Blind Server-Side Request Forgery via mepr-user-file Shortcode vulnerability discovered by stealthcopter in WordPress Plugin MemberPress versions = 1.11.29...
CVE-2024-4817
A vulnerability has been found in Campcodes Online Laundry Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file manageuser.php of the component HTTP Request Parameter Handler. The manipulation of the argument id leads to improper control of resourc...
PT-2024-32958 · Unknown · Kashipara College Management System
Name of the Vulnerable Software and Affected Versions: Kashipara College Management System version 1.0 Description: A critical issue has been found in the Kashipara College Management System, affecting some unknown functionality of the file edit user.php. The manipulation of the id argument leads...
CVE-2024-3537
A vulnerability was found in Campcodes Church Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/adminuser.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has bee...
PT-2024-25134 · Sourcecodester · Sourcecodester Computer Laboratory Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Laboratory Management System version 1.0 Description: A critical issue was found in the SourceCodester Computer Laboratory Management System, affecting an unknown function of the file classes/user.php. The manipulation...
PT-2024-23346 · Sourcecodester · Sourcecodester Simple Subscription Website
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Subscription Website version 1.0 Description: A critical issue affects the processing of the file manage user.php, where the manipulation of the id argument leads to SQL injection. The attack can be initiated remotely. T...
Sourcecodester Workout Journal App 跨站脚本漏洞
Workout Journal App is workout journal application. A security vulnerability exists in version 1.0 of the Sourcecodester Workout Journal App that stems from a cross-site scripting XSS vulnerability in the parameters firstname and lastname in the file /add-user.php...
CVE-2024-1111 SourceCodester QR Code Login System add-user.php cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...
PT-2024-16770
Name of the Vulnerable Software and Affected Versions SourceCodester QR Code Login System version 1.0 Description A vulnerability has been found in the SourceCodester QR Code Login System, affecting some unknown functionality of the file add-user.php. The manipulation of the qr-code argument lead...
CVE-2024-0472
A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file modifyuser.php. The manipulation of the argument mname leads to information disclosure. The exploit has been disclosed to the public...
RRJ Nueva Ecija Engineer Online Portal Cross-Site Scripting Vulnerability
RRJ Nueva Ecija Engineer Online Portal is an online portal for engineers from RRJ Nueva Ecija. A cross-site scripting vulnerability exists in RRJ Nueva Ecija Engineer Online Portal version 1.0, which stems from the parameter Firstname/Lastname/Username in the file /admin/adminuser.php that causes...
CVE-2023-6898 SourceCodester Best Courier Management System manage_user.php sql injection
A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function of the file manageuser.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The...
PT-2023-32807 · Sourcecodester · Sourcecodester Best Courier Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Best Courier Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file manage user.php. The manipulation of the id argument leads to sql injection. The...