147 matches found
CVE-2024-36668
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/typedeal.php?mudi=del...
CVE-2024-35560
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/cadeal.php?mudi=del=...
CVE-2024-35554
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWebdeal.php?mudi=del=newsWeb...
CVE-2024-55104
CVE-2024-55104 affects Online Nurse Hiring System v1.0. The vulnerability is a set of SQL injection flaws in the /admin/add-nurse.php component, exploitable via the gender and emailid parameters. The CVSSv3.1 metrics indicate a High severity (7.2) with network attack vector, low attack complexity...
CVE-2024-55104
Online Nurse Hiring System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component /admin/add-nurse.php via the gender and emailid parameters...
CVE-2024-48581
File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the adminclass.php component...
CVE-2024-44812
SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate privileges via the username and password parameters in the /admin.index.php component...
CVE-2024-44819
Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive information via a crafted script to the pagename parameter of the admin/del.php component...
PT-2024-28332 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35. Description: The issue is related to a Cross-Site Request Forgery (CSRF) in the component /admin/vpsApiData deal.php. The mudi parameter is involved, specifically when set to del. This allows for unauthorized actions to be...
PT-2024-28367 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35. Description: The issue is related to a Cross-Site Request Forgery (CSRF) in the /admin/ipRecord deal.php component when the mudi parameter is set to add. This allows for unauthorized actions to be performed. Recommendations:...
CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...
CVE-2024-36670
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClassdeal.php?mudi=del...
The vulnerability of the members/moremember.pl and admin/aqbudgets.pl components of the Koha library process automation software allows a hacker to execute arbitrary commands.
The vulnerability of the members/moremember.pl and admin/aqbudgets.pl components of the Koha library process automation software is related to the absence of a mechanism to neutralize these elements in the CSV file. Exploiting this vulnerability allows a remote attacker to execute arbitrary DDE...
CVE-2024-35553
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMovedeal.php?mudi=add&nohrefStr=close...
CVE-2024-35557
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApideal.php?mudi=rev&nohrefStr=close...
CVE-2024-35561
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/cadeal.php?mudi=add&nohrefStr=close...
CVE-2024-35560
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/cadeal.php?mudi=del&dataType=&dataTypeCN...