CVE-2024-37858

SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/managecategory.php...

Sql injection

A vulnerability was found in code-projects Fighting Cock Information System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/action/new-feed.php. The manipulation of the argument typefeed leads to sql injection. It is possible to initiate the attack remotel...

CVE-2024-0484

A vulnerability, which was classified as critical, has been found in code-projects Fighting Cock Information System 1.0. This issue affects some unknown processing of the file admin/action/updatemother.php. The manipulation of the argument agemother leads to sql injection. The attack may be...

CVE-2024-0477

CVE-2024-0477 affects code-projects Fighting Cock Information System 1.0, with a SQL injection vulnerability in /admin/action/update-deworm.php caused by unsafely handling the usage_deworm argument. The issue is exploitable remotely, and the vulnerability has been publicly disclosed. Multiple sou...

CVE-2023-38965

Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI...

CVE-2023-5930

A vulnerability was found in Campcodes Simple Student Information System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/students/manageacademic.php. The manipulation of the argument studentid leads to cross site scripting. The attack can be...

Sql injection

A vulnerability was found in Campcodes Simple Student Information System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/students/manageacademic.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public a...

CVE-2023-5924

The CVE-2023-5924 entry refers to Campcodes Simple Student Information System 1.0 with a SQL injection in /admin/courses/view_course.php via the id parameter. Public exploit details exist. CVSSv3.1 base score 7.5 (HIGH) with Network attack, no user interaction, and HIGH confidentiality impact but...

CVE-2023-5923

CVE-2023-5923 — Campcodes Simple Student Information System 1.0 is affected by a SQL injection in an unknown part of /admin/index.php, triggered by manipulating the id parameter. The vuln is described as critical and is accompanied by public disclosure of exploits. The available connected sources...

Cross site scripting

Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting XSS...

CVE-2023-37070

Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting XSS...

Cross site scripting

A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as problematic. This affects an unknown part of the file admin/?page=user/manageuser of the component Manage User Page. The manipulation of the argument First Name/Middle Name/Last Name leads...

Sql injection

A vulnerability classified as critical has been found in code-projects Bus Dispatch and Information System 1.0. Affected is an unknown function of the file deletebus.php. The manipulation of the argument busid leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2023-2774

A vulnerability was found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file viewbranch.php. The manipulation of the argument branchid leads to sql injection. The attack may be launched remotely. Th...

CVE-2023-2775

Affected: code-projects Bus Dispatch and Information System 1.0. Vulnerable component: adminHome.php. Root cause: manipulation of the reach_city argument enables SQL injection, with remote exploit possible. Public exploit disclosed. Documents also mention related advisories (VDB-229281). Impact a...

CVE-2023-2774

CVE-2023-2774 affects code-projects Bus Dispatch and Information System 1.0, targeting the view_branch.php/view branch.php component. The root cause is improper handling of the branchid parameter, enabling SQL injection that can be exploited remotely. Multiple sources confirm a public exploit exi...

CVE-2023-2773

CVE-2023-2773 affects code-projects Bus Dispatch and Information System 1.0. The vulnerability is a SQL injection in the view_admin.php functionality triggered by manipulating the adminid parameter. The issue can be exploited remotely, and the vulnerability impact is described as high (confidenti...

Cross site scripting

A vulnerability, which was classified as problematic, was found in Student Information System 1.0. Affected is admin/?page=students of the Student Roll module. The manipulation with the input alert1 leads to authenticated cross site scripting. Exploit details have been disclosed to the public...