1448 matches found
CVE-2023-1505 SourceCodester E-Commerce System setDiscount.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND SELECT 8973 FROM...
CVE-2023-1504 SourceCodester Alphaware Simple E-Commerce System sql injection
A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND SELECT 6077 FROM SELECTSLEEP5dltn AND 'PhRa'='PhRa leads to sql...
CVE-2023-1503 SourceCodester Alphaware Simple E-Commerce System admin_index.php sql injection
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/adminindex.php. The manipulation of the argument username/password with the input admin' AND SELECT 8062 FROM SELECTSLEEP5meUD-- hLiX lead...
Sql injection
A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file admin/ajax.php?action=login2 of the component Login Page. The manipulation of the argument email with the input abc%40qq.com' AND SELECT 9110 FR...
Sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. This issue affects some unknown processing of the file /admin/login.php. The manipulation of the argument txtusername/txtpassword leads to...
Sql injection
A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. This issue affects the function mysqliquery of the file admincs.php. The manipulation leads to sql injection. The attack may be initiated remotely. The complexity of an attack is rather high...
CVE-2023-1293
SourceCodester Online Graduate Tracer System 1.0 contains a SQL injection vulnerability in the admin_cs.php file, caused by how mysqli_query handles input. The issue can be triggered remotely and is described as high impact with exploitation disclosed publicly. Some sources cite VDB-222647. Avail...
Format string
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function httpconnect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...
CVE-2023-0964
A vulnerability classified as critical has been found in SourceCodester Sales Tracker Management System 1.0. Affected is an unknown function of the file admin/products/viewproduct.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2016-15024
A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continiou...
Information disclosure
A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continiou...
CVE-2016-15024 doomsider shadow denial of service
A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continiou...
PT-2023-10343 · Unknown · Doomsider Shadow
Name of the Vulnerable Software and Affected Versions: doomsider shadow affected versions not specified Description: A vulnerability was found in doomsider shadow, classified as problematic, affecting an unknown function. The manipulation leads to denial of service, requiring a local attack. The...
Sql injection
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument taskid leads to sql injection. The attack can be initiated remotely. The complexit...
CVE-2023-0903 SourceCodester Employee Task Management System edit-task.php sql injection
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument taskid leads to sql injection. The attack can be initiated remotely. The complexit...
CVE-2023-0903 SourceCodester Employee Task Management System edit-task.php sql injection
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument taskid leads to sql injection. The attack can be initiated remotely. The complexit...
CVE-2023-0887
A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...
Design/Logic Flaw
A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...
CVE-2023-0887
CVE-2023-0887 affects phjounin TFTPD64-SE 4.64, exploiting the tftpd64_svc.exe component via an unquoted search path. The issue is exploitable only locally, with attack complexity reported as high and required privileges low; user interaction is none, and the impact is described as high for confi...
CVE-2023-0785 SourceCodester Best Online News Portal check_availability.php information exposure
A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file checkavailability.php. The manipulation of the argument username leads to exposure of sensitive information through data querie...