13 matches found
Cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Flashcard Quiz App 1.0. This affects an unknown part of the file /endpoint/update-flashcard.php. The manipulation of the argument question/answer leads to cross site scripting. It is possible to initiate the attack...
CVE-2023-5791
The CVE-2023-5791 entry concerns SourceCodester Sticky Notes App 1.0. An XSS vulnerability exists in the file endpoint/add-note.php, triggered by manipulating the noteTitle/noteContent parameters. A remote attack is possible, and the exploit has been disclosed publicly. Multiple connected records...
Cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Contact Manager App 1.0. This affects an unknown part of the file index.php of the component Contact Information Handler. The manipulation of the argument contactID with the input "alert1 leads to cross site scripting. It ...
CVE-2023-4871
CVE-2023-4871 affects SourceCodester Contact Manager App 1.0, specifically the delete.php file. The vulnerability stems from manipulation of the contact/contactName parameter (or the related contactName parameter), which enables SQL injection that can be carried out remotely. Public exploit information exists, indicating real-wor...
CVE-2023-4868
SourceCodester Contact Manager App 1.0 has a CSRF vulnerability in add.php. The issue can be exploited remotely and exploits have been disclosed publicly. Red Hat and PT Security documents suggest restricting or disabling access to add.php as a temporary mitigation; no patch/version details are p...
CVE-2023-4865
A vulnerability has been found in SourceCodester Take-Note App 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...
CVE-2023-4865
CVE-2023-4865 affects SourceCodester Take-Note App 1.0 and is described as a cross-site request forgery (CSRF) vulnerability. The affected code is not specified; the vulnerability can be exploited remotely, and exploit details have been publicly disclosed (VDB-239350). The available records do...
CVE-2023-1785
CVE-2023-1785 affects SourceCodester Earnings and Expense Tracker App 1.0. The vulnerability is a SQL injection in an unknown function of the file manage_user.php, triggered by manipulation of the id parameter and exploitable remotely. Multiple connected sources corroborate the existence of ...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester Earnings and Expense Tracker App 1.0. This issue affects some unknown processing of the file LoginRegistration.php?a=registeruser. The manipulation of the argument fullname leads to cross site scripting. The...
CVE-2022-3774
A vulnerability was found in SourceCodester Train Scheduler App 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /trainschedulerapp/?action=delete. The manipulation of the argument id leads to improper control of resource identifiers. The attack may...
CVE-2022-3774
CVE-2022-3774 affects SourceCodester Train Scheduler App 1.0. The vulnerability is an Insecure Direct Object Reference (IDOR) in the endpoint /train_scheduler_app/?action=delete, where the id parameter allows improper control of resource identifiers. Multiple sources (NVD, Red Hat, CVE listings, ...
thesystem App 1.0 SQL Injection
Exploit Title: thesystem App 1.0 - 'username' SQL Injection | Author: Anıl Baran Yelken | Discovery Date: 2019-09-26 | Vendor Homepage: https://github.com/kostasmitroglou/thesystem | Software Link: https://github.com/kostasmitroglou/thesystem | Tested Version: 1.0 | Tested on OS: Windows 10 | CVE: N/A...
thesystem App 1.0 - (username) SQL Injection Vulnerability
Exploit for PHP platform in category web applications. Exploit Title: thesystem App 1.0 - 'username' SQL Injection | Author: Anıl Baran Yelken | Vendor Homepage: https://github.com/kostasmitroglou/thesystem | Software Link: https://github.com/kostasmitroglou/thesystem | Tested Version: 1.0 | Tested on OS:...