Malicious code in djs-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3dcc117202e21ae1b180b5f80af9dc0a1c0082aee807792f2aeb5b62c8e647d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2024-24134 · Unknown · Computer Laboratory Management System

Name of the Vulnerable Software and Affected Versions: Computer Laboratory Management System version 1.0 Description: The issue concerns SQL Injection via the id parameter of the "/admin/damage/view damage.php" API endpoint. Recommendations: For Computer Laboratory Management System version 1.0,...

CVE-2024-31547

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/viewitem.php...

CVE-2024-31546

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/viewdamage.php...

CVE-2024-31547

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/viewitem.php...

CVE-2024-31546

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/viewdamage.php...

CVE-2024-31547

Computer Laboratory Management System v1.0 is affected by a SQL Injection in the id parameter of /admin/item/view_item.php. The vulnerability arises in the application’s input handling for that endpoint, enabling an attacker to manipulate a SQL query and potentially exfiltrate data or impact inte...

CVE-2024-31546

CVE-2024-31546 affects Computer Laboratory Management System v1.0. The vulnerability is a SQL Injection in the /admin/damage/view_damage.php endpoint via the id parameter, caused by unsafe handling of input in a user-controlled query. The CVSS 3.1 metrics indicate a critical impact: HIGH confiden...

CVE-2024-30983

SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file...

CVE-2024-30980

SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page...

CVE-2024-30981

SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows attackers to run arbitrary SQL commands via editid in the application URL...

CVE-2024-30980

SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page...

CVE-2024-30983

SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file...

PT-2024-23702 · Unknown · Phpgurukul Cyber Cafe Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Cyber Cafe Management System Using PHP & MySQL version 1.0 Description: The issue allows attackers to run arbitrary SQL commands via the Computer Location parameter in the "manage-computer.php" page. This enables attackers to...

PT-2024-23700 · Unknown · Cyber Cafe Management System

Name of the Vulnerable Software and Affected Versions: Cyber Cafe Management System version 1.0 Description: The issue allows a remote attacker to execute arbitrary code. This is achieved via the compname parameter in the "edit-computer-details.php" API endpoint. Recommendations: For Cyber Cafe...

PT-2024-23703 · Unknown · Phpgurukul Cyber Cafe Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Cyber Cafe Management System Using PHP & MySQL version 1.0 Description: The issue allows attackers to run arbitrary SQL commands via the editid variable in the "/edit-computer-detail.php" API endpoint. This enables attackers to...

Cyber Cafe Management System 安全漏洞

Cyber Cafe Management System CCMS is a cyber cafe management system by the individual developer Anuj Kumar. A security vulnerability exists in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0, which originates from a SQL injection vulnerability in file /edit-computer-detail.php...

PT-2024-23705 · Unknown · Phpgurukul Cyber Cafe Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Cyber Cafe Management System Using PHP & MySQL version 1.0 Description: The issue allows attackers to run arbitrary SQL commands via the compname parameter in the "/edit-computer-detail.php" file. This enables attackers to execute...

CVE-2024-30983

SQL Injection in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows arbitrary SQL via the compname parameter in /edit-computer-detail.php. Multiple sources (NVD, Red Hat, CVE lists, CNNVD, PT Security) confirm the vulnerable component and parameter. Impact details in sources ind...

Cyber Cafe Management System 安全漏洞

Cyber Cafe Management System CCMS is a cyber cafe management system by the individual developer Anuj Kumar. A security vulnerability exists in Cyber Cafe Management System version 1.0, which stems from a cross-site scripting XSS vulnerability in the compname parameter in the file...