CVE-2024-33968 SQL injection in Janobe products

SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in...

CVE-2024-33968

CVE-2024-33968 describes a SQL injection in the PayPal, Credit Card and Debit Card Payment app (version 1.0) from Janobe. The vulnerability is exploitable via the AttendanceMonitoring/report/index.php endpoint, specifically through the Attendance and YearLevel parameters, allowing retrieval of da...

CVE-2024-33968 SQL injection in Janobe products

SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in...

PT-2024-25614 · Unknown · School Management System +1

Name of the Vulnerable Software and Affected Versions: School Attendance Monitoring System version 1.0 School Event Management System version 1.0 Description: A Cross-Site Scripting XSS issue affects the system, allowing an attacker to create a specially crafted URL and send it to a victim to...