17 matches found
CVE-2024-2282
A vulnerability was found in boyiddha Automated-Mess-Management-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component Login Page. The manipulation of the argument useremail leads to sql injection. The attack may be initiated...
EUVD-2024-27239
Malicious code in bioql PyPI...
CVE-2024-2285
A vulnerability, which was classified as problematic, has been found in boyiddha Automated-Mess-Management-System 1.0. Affected by this issue is some unknown functionality of the file /member/memberedit.php. The manipulation of the argument name leads to cross site scripting. The attack may be...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in boyiddha Automated-Mess-Management-System 1.0. Affected by this issue is some unknown functionality of the file /member/memberedit.php. The manipulation of the argument name leads to cross site scripting. The attack may be...
CVE-2024-2285 boyiddha Automated-Mess-Management-System member_edit.php cross site scripting
A vulnerability, which was classified as problematic, has been found in boyiddha Automated-Mess-Management-System 1.0. Affected by this issue is some unknown functionality of the file /member/memberedit.php. The manipulation of the argument name leads to cross site scripting. The attack may be...
CVE-2024-2285
CVE-2024-2285 affects boyiddha Automated-Mess-Management-System 1.0. The issue is a stored/reflective XSS caused by manipulation of the name parameter in the file /member/member_edit.php, reported as potentially exploitable remotely. Public details consistently identify the vulnerable component a...
CVE-2024-2284
The CVE-2024-2284 entry concerns the boyiddha Automated-Mess-Management-System (version 1.0), specifically the Chat Book component. The vulnerability is a Stored/Reflected Cross-Site Scripting issue arising from manipulation of the msg argument in the /member/chat.php endpoint, allowing remote ex...
CVE-2024-2284 boyiddha Automated-Mess-Management-System Chat Book chat.php cross site scripting
A vulnerability classified as problematic was found in boyiddha Automated-Mess-Management-System 1.0. Affected by this vulnerability is an unknown functionality of the file /member/chat.php of the component Chat Book. The manipulation of the argument msg leads to cross site scripting. The attack...
CVE-2024-2283
A vulnerability classified as critical has been found in boyiddha Automated-Mess-Management-System 1.0. Affected is an unknown function of the file /member/view.php. The manipulation of the argument date leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2281
A vulnerability was found in boyiddha Automated-Mess-Management-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated...
Sql injection
A vulnerability classified as critical has been found in boyiddha Automated-Mess-Management-System 1.0. Affected is an unknown function of the file /member/view.php. The manipulation of the argument date leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2283 boyiddha Automated-Mess-Management-System view.php sql injection
A vulnerability classified as critical has been found in boyiddha Automated-Mess-Management-System 1.0. Affected is an unknown function of the file /member/view.php. The manipulation of the argument date leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2283 boyiddha Automated-Mess-Management-System view.php sql injection
A vulnerability classified as critical has been found in boyiddha Automated-Mess-Management-System 1.0. Affected is an unknown function of the file /member/view.php. The manipulation of the argument date leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2283
CVE-2024-2283 affects boyiddha Automated-Mess-Management-System 1.0. Multiple connected sources confirm a SQL injection in the /member/view.php file caused by manipulating the date parameter, enabling remote exploitation; exploit disclosure is noted. Practical impact is high due to potential data...
CVE-2024-2282
CVE-2024-2282 affects boyiddha Automated-Mess-Management-System 1.0. The vulnerability is a SQL injection in the Login Page’s /index.php caused by manipulation of the useremail argument. Impact is high/critical per sources, with remote exploitation and public disclosure. Multiple connected source...
CVE-2024-2281
CVE-2024-2281 affects boyiddha Automated-Mess-Management-System 1.0, specifically the /admin/index.php file in the Setting Handler. The vulnerability enables improper access controls and can be exploited remotely, with multiple sources describing a critical impact and public disclosure. Root caus...
PT-2024-19571 · Unknown · Boyiddha Automated-Mess-Management-System
Name of the Vulnerable Software and Affected Versions: boyiddha Automated-Mess-Management-System version 1.0 Description: A critical issue affects the Setting Handler component of the system, specifically the /admin/index.php file, leading to improper access controls. The attack can be initiated...