137 matches found
CVE-2023-33569
CVE-2023-33569 affects Sourcecodester Faculty Evaluation System v1.0. The vulnerability is an arbitrary code execution via the endpoint ip/eval/ajax.php?action=update_user (or update user per sources). Affected component is the eval/ajax handler; root cause is not detailed beyond code execution r...
Faculty Evaluation System 1.0 - Unauthenticated File Upload
Exploit Title: Faculty Evaluation System 1.0 - Unauthenticated File Upload Date: 5/29/2023 Author: Alex Gan Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...
Faculty Evaluation System SQL Injection Vulnerability (CNVD-2023-45448)
Faculty Evaluation System is a faculty evaluation system. A SQL injection vulnerability exists in Faculty Evaluation System, which can be exploited by an attacker to directly manipulate the database by constructing malicious query statements to obtain sensitive information or perform arbitrary...
CVE-2023-2962
A vulnerability, which was classified as critical, has been found in SourceCodester Faculty Evaluation System 1.0. Affected by this issue is some unknown functionality of the file index.php?page=edituser. The manipulation of the argument id leads to sql injection. The attack may be launched...
Sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Faculty Evaluation System 1.0. Affected by this issue is some unknown functionality of the file index.php?page=edituser. The manipulation of the argument id leads to sql injection. The attack may be launched...
CVE-2023-2962
The CVE-2023-2962 issue affects SourceCodester Faculty Evaluation System 1.0, specifically the file index.php?page=edit_user. The root cause is improper handling of the id parameter, enabling SQL injection that can be triggered remotely. Multiple connected sources corroborate a critical vulnerabi...
CVE-2023-2962 SourceCodester Faculty Evaluation System sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Faculty Evaluation System 1.0. Affected by this issue is some unknown functionality of the file index.php?page=edituser. The manipulation of the argument id leads to sql injection. The attack may be launched...
Faculty Evaluation System SQL注入漏洞
Faculty Evaluation System is a faculty evaluation system by Carlo Montero Personal Developer. SourceCodester Faculty Evaluation System version 1.0 suffers from a SQL injection vulnerability that stems from a problem with the file index.php?page=edituser, which can be exploited by an attacker to...
PT-2023-22332 · Sourcecodester · Sourcecodester Faculty Evaluation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Faculty Evaluation System version 1.0 Description: A critical issue has been found in the SourceCodester Faculty Evaluation System, affecting some unknown functionality of the file "index.php?page=edit user". The manipulation o...
CVE-2023-33440
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=saveuser...
CVE-2023-33440
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=saveuser...
CVE-2023-33440
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=saveuser...
CVE-2023-33439
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/managetask.php?id=...
CVE-2023-33439
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/managetask.php?id=...
CVE-2023-33439
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/managetask.php?id=...
Code injection
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=saveuser...
Sql injection
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/managetask.php?id=...
Faculty Evaluation System SQL注入漏洞
Faculty Evaluation System is a faculty evaluation system. A SQL injection vulnerability exists in Faculty Evaluation System, which can be exploited by an attacker to directly manipulate the database by constructing malicious query statements to obtain sensitive information or perform arbitrary...
CVE-2023-33439
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/managetask.php?id=...
PT-2023-24344 · Unknown · Sourcecodester Faculty Evaluation System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Faculty Evaluation System version 1.0 Description: The issue allows for arbitrary code execution via the "/eval/ajax.php?action=save user" API endpoint. This could potentially lead to unauthorized access and control of the...