46 matches found
CVE-2022-46966
Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...
Sql injection
Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...
Directory traversal
An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory...
CVE-2022-46966
Revenue Collection System v1.0 contains a SQL injection vulnerability in step1.php. Root cause: unparameterized input in that endpoint. CVSS v3.1 base score 9.8 (CRITICAL) with network attack vector, no user interaction. Expect high impact to confidentiality, integrity, and availability. No fix d...
CVE-2022-46967
An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory...
Revenue Collection System 安全漏洞
Revenue Collection System is a land property billing and payment software by Carlo Montero Individual Developer. A security vulnerability exists in Revenue Collection System version v1.0 that stems from improper access control of its /admin/DBbackup/ component allowing an unauthenticated attacker...
Revenue Collection System SQL注入漏洞
Revenue Collection System is a landed property billing and payment software by Carlo Montero Individual Developer. A security vulnerability exists in Revenue Collection System v1.0, which stems from its step1.php file that allows attackers to implement SQL injection...
PT-2023-15121 · Unknown · Revenue Collection System
Name of the Vulnerable Software and Affected Versions: Revenue Collection System version 1.0 Description: The issue is related to a SQL injection vulnerability. It affects the step1.php endpoint. Recommendations: For Revenue Collection System version 1.0, consider disabling access to the step1.ph...
CVE-2022-46967
An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory...
CVE-2022-46966
Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...
CVE-2022-46966
Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...
CVE-2022-46967
Revenue Collection System v1.0 is affected by an access-control flaw that allows unauthenticated users to access the /admin/DBbackup/ directory, exposing backup data. The issue is described as an access-control vulnerability with high impact to confidentiality, integrity, and availability (per CV...
Revenue Collection System 1.0 Cross Site Scripting / Authentication Bypass
Exploit Title: Revenue Collection System v1.0 - Authentication Bypass via Stored XSS Exploit Author: Joe Pollock Date: November 16, 2022 Vendor Homepage: https://www.sourcecodester.com/php/14904/rates-system.html Software Link:...
Revenue Collection System 1.0 Cross Site Scripting / Authentication Bypass Exploit
Exploit Title: Revenue Collection System v1.0 - Authentication Bypass via Stored XSS Exploit Author: Joe Pollock Vendor Homepage: https://www.sourcecodester.com/php/14904/rates-system.html Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/rates.zip Tested on: Ka...
CVE-2022-28416
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=deletephase...
Home Owners Collection Management System SQL注入漏洞
Home Owners Collection Management System is a homeowner collection management system. Home Owners Collection Management System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
Home Owners Collection Management System 1.0 - Account Takeover (Unauthenticated)
Exploit Title: Home Owners Collection Management System 1.0 - Account Takeover Unauthenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
CVE-2021-41123
Survey Solutions is a survey management and data collection system. In affected versions the Headquarters application publishes /metrics endpoint available to any user. None of the survey answers are ever exposed, only the aggregate counters, including count of interviews, or count of assignments...
Default credentials
Survey Solutions is a survey management and data collection system. In affected versions the Headquarters application publishes /metrics endpoint available to any user. None of the survey answers are ever exposed, only the aggregate counters, including count of interviews, or count of assignments...
SQL Injection Vulnerability in Health Collection Reporting System (CNVD-2021-24511)
Health collection and reporting system using PHP + mysql development, open source code, to facilitate secondary development. Health collection and reporting system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...