3490 matches found
CVE-2024-25314
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2...
CVE-2024-25306
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php"...
CVE-2024-25306
CVE-2024-25306 affects Code-projects Simple School Managment System 1.0. The vulnerability is a SQL injection via the aname parameter in School/index.php , caused by lack of input validation. Impact is described as high on confidentiality, integrity, and availability per CVSS 3.1 (AV:N/AC:L/PR:L/...
CVE-2024-25312
CVE-2024-25312 affects Code-projects Simple School Managment System 1.0. Affected component: the id parameter in the endpoint at School/sub_delete.php?id=5, where lack of input validation enables SQL Injection. This is documented across multiple sources (NVD/Red Hat/CNVD/CVE listing) and describe...
CVE-2024-25307
CVE-2024-25307 affects Code-projects Cinema Seat Reservation System 1.0: SQL Injection via the id parameter in /Cinema-Reservation/booking.php?id=1. Root cause is unsafe SQL construction that allows attacker-controlled input to influence queries, with reported CVSS v3.1 base metrics of 9.8 (CRITI...
CVE-2024-25314
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2...
PT-2024-20877 · Code Projects · Code-Projects Simple School Managment System
Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows SQL Injection via the name parameter at the "School/teacher login.php" endpoint. This could potentially lead to unauthorized access to sensitive data...
CVE-2024-25318
Code-projects Hotel Managment System 1.0 is affected by CVE-2024-25318, where the pid parameter in Hotel/admin/print.php?pid=2 enables SQL injection. Root cause is unsafe handling/validation of the pid value, permitting attacker-crafted queries that could disclose or manipulate data. CVSS 3.1 bas...
PT-2024-20881 · Code Projects · Code-Projects Simple School Managment System
Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows SQL Injection via the id parameter at the "School/sub delete.php?id=5" endpoint. This could potentially lead to unauthorized access or manipulation of...
CVE-2024-25304
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."...
CVE-2024-25305
CVE-2024-25305 affects Code-projects Simple School Managment System 1.0. The issue is an authentication bypass via the username and password parameters on the School/index.php endpoint, enabling bypass of login to gain administrative access. The connected documents corroborate the vulnerability a...
CVE-2024-25315
CVE-2024-25315 affects Code-projects Hotel Managment System 1.0. The vulnerability is an SQL injection via the rid parameter in Hotel/admin/roombook.php?rid=2, arising from unsanitized input in that endpoint. CVSS v3.1 metrics show a CRITICAL impact (C:H, I:H, A:H) with NETWORK attack vector and ...
CVE-2024-25313
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacherlogin.php...
CVE-2024-25307
Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "/Cinema-Reservation/booking.php?id=1."...
PT-2024-20882 · Code Projects · Code-Projects Simple School Managment System
Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows authentication bypass via the username and password parameters at the "School/teacher login.php" endpoint. Recommendations: For Code-projects Simple School...
CVE-2024-25316
CVE-2024-25316 affects Code-projects Hotel Managment System 1.0. The vulnerability is an SQL Injection in the endpoint Hotel/admin/usersettingdel.php?eid=2, via the eid parameter. Affected component: the usersettingdel handling code under Hotel/admin. Impact is described as high/critical in CVSS ...
CVE-2024-25310
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."...
CVE-2024-25316
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2...
CVE-2024-25304
The CVE-2024-25304 affects Code-projects Simple School Management System 1.0, where an SQL Injection flaw exists in the School/index.php entry point via the 'apass' parameter. The root cause is lack of input validation for this parameter, enabling attackers to manipulate queries and potentially a...
CVE-2024-25315
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2...