Medicine Tracker System 跨站请求伪造漏洞

Medicine Tracker System is a drug tracking system by the individual developer Carlo Montero. A cross-site request forgery vulnerability exists in Medicine Tracker System version 1.0, which stems from unknown code in file /classes/Users.php?f=saveuser that can lead to cross-site request forgery...

CVE-2024-6649 SourceCodester Employee and Visitor Gate Pass Logging System Users.php save_users cross-site request forgery

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is the function saveusers of the file Users.php. The manipulation leads to cross-site request forgery. The attack can be launched...

SourceCodester Home Owners Collection Management System Code Issue Vulnerability

Home Owners Collection Management System is a homeowners collection management system. A code issue vulnerability exists in SourceCodester Home Owners Collection Management System version 1.0, which stems from the parameter img in the file /classes/Users.php?f=save that can lead to unrestricted...

CVE-2024-6216 SourceCodester Food Ordering Management System add-users.php sql injection

A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file add-users.php. The manipulation of the argument contact leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

CVE-2024-6216 SourceCodester Food Ordering Management System add-users.php sql injection

A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file add-users.php. The manipulation of the argument contact leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

Employee and Visitor Gate Pass Logging System SQL Injection Vulnerability

Employee and Visitor Gate Pass Logging System is an employee and visitor pass logging system developed by Carlo Montero. An SQL injection vulnerability exists in Employee and Visitor Gate Pass Logging System version 1.0 due to an unknown part of the deleteusers function in /classes/Users.php, whi...

PT-2024-37231 · Sourcecodester · Employee/Visitor Gate Pass Logging System

Name of the Vulnerable Software and Affected Versions: SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 Description: A critical issue was found in the save users function of the /classes/Users.php file, specifically in the id argument, which leads to sql injection. This...

CVE-2024-35352

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting...

CVE-2024-35353

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the argument id can result in improper authorization...

CVE-2024-35353

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the argument id can result in improper authorization...

CVE-2024-35345

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts unidentified code within the file /classes/Users.php. Manipulating the argument id results in cross-site scripting...

PT-2024-26452 · Unknown · Diño Physics School Assistant

Name of the Vulnerable Software and Affected Versions: Diño Physics School Assistant version 2.3 Description: A vulnerability has been discovered that impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the id argument can result in improper authorization...

Dino Physics School Assistant 安全漏洞

Dino Physics School Assistant is an application. A security vulnerability exists in Dino Physics School Assistant version 2.3, which stems from an authorization error vulnerability in the parameter id of the file classes/Users.php...

PT-2024-26446 · Unknown · Diño Physics School Assistant

Name of the Vulnerable Software and Affected Versions: Diño Physics School Assistant version 2.3 Description: A vulnerability has been discovered that impacts unidentified code within the file /classes/Users.php. Manipulating the argument id results in cross-site scripting. Recommendations: For...

PT-2024-33348 · Sourcecodester · Sourcecodester Employee/Visitor Gate Pass Logging System

Name of the Vulnerable Software and Affected Versions: SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 Description: A critical vulnerability has been found in the system, affecting an unknown function of the file /employee gatepass/classes/Users.php?f=ssave. The...

CVE-2024-3695 SourceCodester Computer Laboratory Management System Users.php cross site scripting

A vulnerability has been found in SourceCodester Computer Laboratory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely...

PT-2024-27221 · Sourcecodester · Sourcecodester Computer Laboratory Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Laboratory Management System version 1.0 Description: A security issue has been found that allows cross-site scripting XSS attacks. This is due to the manipulation of the id argument in the /classes/Users.php file, whi...

CVE-2024-3314

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php. The manipulation leads to sql injection. The attack may be initiated remotely. The identifier VDB-259385 was...

CVE-2024-3314 SourceCodester Computer Laboratory Management System Users.php sql injection

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php. The manipulation leads to sql injection. The attack may be initiated remotely. The identifier VDB-259385 was...

CVE-2024-3314 SourceCodester Computer Laboratory Management System Users.php sql injection

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php. The manipulation leads to sql injection. The attack may be initiated remotely. The identifier VDB-259385 was...