Lucene search
K

367 matches found

Vulnrichment
Vulnrichment
added 2023/12/29 7:31 a.m.9 views

CVE-2023-7160 SourceCodester Engineers Online Portal Add Engineer cross site scripting

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add Engineer Handler. The manipulation of the argument first name/last name with the input alert0 leads to cross site...

3.3CVSS6AI score0.00311EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.4 views

Engineers Online Portal Cross-Site Scripting Vulnerability

Engineers Online Portal is open source an online portal . It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. A cross-site scripting vulnerability exists in SourceCodester Engineers Online Portal version 1.0, which stems from the...

6.1CVSS6AI score0.00311EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/12/28 12:0 a.m.6 views

PT-2023-32915 · Unknown · Sourcecodester Engineers Online Portal

Name of the Vulnerable Software and Affected Versions: SourceCodester Engineers Online Portal version 1.0 Description: A vulnerability was found in the component Add Engineer Handler of the SourceCodester Engineers Online Portal. The manipulation of the argument first name/last name with the inpu...

6.1CVSS4.5AI score0.00311EPSS
Exploits0References6
HackRead
HackRead
added 2023/11/03 8:1 p.m.26 views

Lazarus Group uses KandyKorn macOS malware for crypto theft

By Deeba Ahmed Another day, another malware operation by the infamous Lazarus group targeting blockchain engineers and crypto users. This is a post from HackRead.com Read the original post: Lazarus Group uses KandyKorn macOS malware for crypto theft...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/01 9:2 a.m.54 views

North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware

State-sponsored threat actors from the Democratic People's Republic of Korea DPRK have been found targeting blockchain engineers of an unnamed crypto exchange platform via Discord with a novel macOS malware dubbed KANDYKORN. Elastic Security Labs said the activity, traced back to April 2023,...

8.1AI score
Exploits0
OSV
OSV
added 2023/09/29 8:15 p.m.4 views

CVE-2023-5283

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teachersignup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The...

8.8CVSS5.7AI score0.00645EPSS
Exploits1References3
NVD
NVD
added 2023/09/29 8:15 p.m.23 views

CVE-2023-5283

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teachersignup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The...

8.8CVSS7.3AI score0.00645EPSS
Exploits1References3
OSV
OSV
added 2023/09/29 8:15 p.m.4 views

CVE-2023-5284

A vulnerability classified as critical has been found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file uploadsavestudent.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to launch the attack remotely. The...

8.8CVSS5.4AI score0.00832EPSS
Exploits1References3
NVD
NVD
added 2023/09/29 8:15 p.m.13 views

CVE-2023-5284

A vulnerability classified as critical has been found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file uploadsavestudent.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to launch the attack remotely. The...

8.8CVSS7.2AI score0.00832EPSS
Exploits1References3
Prion
Prion
added 2023/09/29 8:15 p.m.17 views

Sql injection

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teachersignup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The...

6.5CVSS9AI score0.00645EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/09/29 7:31 p.m.20 views

CVE-2023-5284 SourceCodester Engineers Online Portal upload_save_student.php unrestricted upload

A vulnerability classified as critical has been found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file uploadsavestudent.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to launch the attack remotely. The...

6.5CVSS9AI score0.00832EPSS
Exploits1References3
CVE
CVE
added 2023/09/29 7:31 p.m.125 views

CVE-2023-5284

SourceCodester Engineers Online Portal 1.0 contains a vulnerability in the upload_save_student.php function where manipulating the uploaded_file parameter enables unrestricted file upload. This remote exploitation can lead to arbitrary code execution as indicated by multiple sources; the vulnerab...

8.8CVSS7.1AI score0.00832EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/09/29 7:15 p.m.13 views

CVE-2023-5282

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seedmessagestudent.php. The manipulation of the argument teacherid leads to sql injection. The attack can be initiated remotely. The explo...

9.8CVSS7.4AI score0.00684EPSS
Exploits1References3
Prion
Prion
added 2023/09/29 7:15 p.m.19 views

Sql injection

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seedmessagestudent.php. The manipulation of the argument teacherid leads to sql injection. The attack can be initiated remotely. The explo...

6.5CVSS9.7AI score0.00684EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/09/29 7:15 p.m.22 views

Sql injection

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as critical. This affects an unknown part of the file removeinboxmessage.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

6.5CVSS9.7AI score0.0069EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/29 7:0 p.m.19 views

CVE-2023-5283 SourceCodester Engineers Online Portal teacher_signup.php sql injection

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teachersignup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The...

6.5CVSS7.3AI score0.00645EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/09/29 7:0 p.m.34 views

CVE-2023-5283 SourceCodester Engineers Online Portal teacher_signup.php sql injection

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teachersignup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The...

6.5CVSS9.2AI score0.00645EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/09/29 7:0 p.m.21 views

CVE-2023-5282 SourceCodester Engineers Online Portal seed_message_student.php sql injection

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seedmessagestudent.php. The manipulation of the argument teacherid leads to sql injection. The attack can be initiated remotely. The explo...

6.5CVSS10AI score0.00684EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/09/29 7:0 p.m.12 views

CVE-2023-5282 SourceCodester Engineers Online Portal seed_message_student.php sql injection

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seedmessagestudent.php. The manipulation of the argument teacherid leads to sql injection. The attack can be initiated remotely. The explo...

6.5CVSS7.5AI score0.00684EPSS
Exploits1References3
CVE
CVE
added 2023/09/29 7:0 p.m.53 views

CVE-2023-5282

CVE-2023-5282 affects SourceCodester Engineers Online Portal 1.0; vulnerable in seed_message_student.php, where manipulating the teacher_id parameter enables SQL injection. Exploitation described as remote with public disclosure; multiple sources corroborate the vulnerability. Documented impact i...

9.8CVSS7.4AI score0.00684EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder