Computer Laboratory Management System security vulnerability
Computer Laboratory Management System is a computer laboratory management system. A security vulnerability exists in Computer Laboratory Management System v1.0, which stems from a cross-site scripting (XSS) vulnerability that allows an attacker to execute arbitrary web script or HTML via a crafted...
Computer Book Store Security Breach
Computer Book Store is an online bookstore system by the individual developer Carmelo Garcia. A security vulnerability exists in Code-projects Computer Book Store version 1.0, which stems from vulnerability to SQL injection attacks...
Online Computer and Laptop Store code issue vulnerability
Online Computer and Laptop Store is an online computer and laptop store by the individual developer Carlo Montero. A code issue vulnerability exists in Online Computer and Laptop Store version 1.0, which stems from the file /classes/SystemSettings.php?f=updatesettings causing unrestricted uploads...
CVE-2024-28279
Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via book.php?bookisbn=...
CVE-2024-28279
CVE-2024-28279 affects Code-projects Computer Book Store 1.0. The vulnerability is an SQL Injection exploitable via the endpoint book.php?bookisbn=, enabling remote manipulation. Several connected sources confirm the issue and indicate high risk (CVSS v3.1: 7.3, HIGH). Remediation/immediate actio...
CVE-2024-34225
CVE-2024-34225 affects Computer Laboratory Management System (php-lms) version 1.0, with a Cross Site Scripting flaw in the admin info page. The vulnerability arises from the php-lms/admin/?page=system_info endpoint, where the name and shortname parameters can be injected to render arbitrary scri...
CVE-2024-34225
Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allows remote attackers to inject arbitrary web script or HTML via the name, shortname parameters...
CVE-2024-34224
Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allows remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters...
CVE-2024-4820 SourceCodester Online Computer and Laptop Store unrestricted upload
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/SystemSettings.php?f=updatesettings. The manipulation leads to unrestricted upload. The attack can be...
Malicious code in @asdfvr/qaqazzaaa (npm)
Source: ghsa-malware 00ddae9d7021daf95bf5000e1b7f278bcf84e7b46ceba0a5ed05943b9d7ebf57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1358 Malicious code in @asdfvr/qaqazzaaa (npm)
Source: ghsa-malware 00ddae9d7021daf95bf5000e1b7f278bcf84e7b46ceba0a5ed05943b9d7ebf57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in encodelen (npm)
Source: ghsa-malware 16f1c093c0c4c15a7c9e7438a370a2a3d42de41f0f6cc7a21695023e73647884 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2024-25755 · Unknown · Computer Laboratory Management System
Name of the Vulnerable Software and Affected Versions: Computer Laboratory Management System version 1.0 Description: The issue concerns a Cross Site Scripting vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the name and shortname parameters in the...
PT-2024-33021 · Unknown · Sourcecodester Online Computer/Laptop Store
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Computer and Laptop Store version 1.0 Description: A critical issue has been found, affecting an unknown functionality of the file /classes/SystemSettings.php?f=update settings. This allows for unrestricted upload and ca...
PT-2024-22377 · Unknown · Code-Projects Computer Book Store
Name of the Vulnerable Software and Affected Versions: Code-projects Computer Book Store version 1.0 Description: The issue allows for SQL Injection, which can be exploited via the "book.php?bookisbn=" endpoint. An attacker can manipulate this endpoint remotely. It is estimated that a significant...
CVE-2024-4798 SourceCodester Online Computer and Laptop Store manage_brand.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /admin/maintenance/manage_brand.php. The manipulation of the argument id leads to SQL injection. The attack may...