1593 matches found
CVE-2024-34191
htmly v2.9.6 was discovered to contain an arbitrary file deletion vulnerability via the deletepost function at admin.php. This vulnerability allows attackers to delete arbitrary files via a crafted request...
CVE-2024-34191
HTMly version 2.9.6 is affected by CVE-2024-34191, a vulnerability in delete_post() (admin.php) that enables arbitrary file deletion via a crafted request. The issue is documented across multiple sources (NVD/Red Hat OSV, etc.), with a CVSS v3.1 base score of 6.5 (I: High, A: None) and an attack ...
PT-2024-32947 · Unknown · Kashipara College Management System
Name of the Vulnerable Software and Affected Versions: Kashipara College Management System version 1.0 Description: A critical issue has been found in the Kashipara College Management System, affecting an unknown functionality of the file submit admin.php. The manipulation of the phone argument...
CVE-2024-28557
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php...
CVE-2024-28557
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php...
CVE-2024-28557
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php...
CVE-2024-28557
CVE-2024-28557 affects Sourcecodester PHP Task Management System v1.0, with a SQL Injection vulnerability in update-admin.php. The underlying cause is improper input handling that allows an attacker to inject SQL through crafted payloads, enabling remote code execution, privilege escalation, and ...
Prison Management System add-admin.php File Upload Vulnerability
Prison Management System is a prison management system. A file upload vulnerability exists in Prison Management System version 1.0, which stems from a lack of validation of uploaded files in the avatar parameter of the /Admin/add-admin.php file. This vulnerability can be exploited to remotely...
Employee Management System 1.0 - 'admin_id' SQLi
Exploit Title: Employee Management System 1.0 - 'adminid' SQLi Date: 20-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html Version: 1.0 Tested on...
CVE-2024-28595
SQL Injection vulnerability in Employee Management System v1.0 allows attackers to run arbitrary SQL commands via the adminid parameter in update-admin.php...
CVE-2024-2576 SourceCodester Employee Task Management System update-admin.php authorization
A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument adminid leads to authorization bypass. It is possible to initiate the attack remotely. T...
CVE-2024-2576 SourceCodester Employee Task Management System update-admin.php authorization
A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument adminid leads to authorization bypass. It is possible to initiate the attack remotely. T...
CVE-2024-2557
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/admin.php. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed t...
CVE-2024-2557 kishor-23 Food Waste Management System admin.php improper authorization
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/admin.php. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed t...
CVE-2024-2394 SourceCodester Employee Management System add-admin.php unrestricted upload
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/add-admin.php. The manipulation of the argument avatar leads to unrestricted upload. The attack may be launched...
CVE-2024-2394 SourceCodester Employee Management System add-admin.php unrestricted upload
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/add-admin.php. The manipulation of the argument avatar leads to unrestricted upload. The attack may be launched...
PT-2024-20191 · Sourcecodester · Sourcecodester Employee Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Management System version 1.0 Description: A critical issue affects some unknown functionality of the file /Admin/add-admin.php, where the manipulation of the avatar argument leads to unrestricted upload. This issue ca...
Cross site scripting
XunRuiCMS v4.5.5 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component /admin.php...
CVE-2023-49490
XunRuiCMS v4.5.5 contains a reflective cross-site scripting (XSS) vulnerability exploitable via the component /admin.php. The issue is documented across multiple sources (NVD, Red Hat, CNNVD, CVE listing) and is associated with XunRuiCMS 4.5.5. The root cause is reflective XSS in /admin.php, allo...
PT-2023-31244 · Xunruicms · Xunruicms
Name of the Vulnerable Software and Affected Versions: XunRuiCMS version 4.5.5 Description: A reflective cross-site scripting XSS issue was found in XunRuiCMS via the component /admin.php. This allows for potential XSS attacks. Recommendations: For XunRuiCMS version 4.5.5, as a temporary...