PT-2024-31950 · Unknown · Itsourcecode Placement Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Placement Management System version 1.0 Description: The issue is related to Cross Site Scripting XSS via the Full Name field in registration.php. This allows for potential malicious script injection. No information is provided...

CVE-2024-37869

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "poster.php" file, and the uploaded file was received using the "$- FILES" variable...

CVE-2024-37868

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received using the "$- FILES" variable...

CVE-2024-37869

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "poster.php" file, and the uploaded file was received using the "$- FILES" variable...

CVE-2024-37868

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received using the "$- FILES" variable...

CVE-2024-37868

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received using the "$- FILES" variable...

itsourcecode Online Discussion Forum Project 安全漏洞

itsourcecode Online Discussion Forum Project is an online forum project of itsourcecode open source. A security vulnerability exists in itsourcecode Online Discussion Forum Project version v.1.0, which stems from a file upload vulnerability that allows a remote attacker to execute arbitrary code...

CVE-2024-37868

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received using the "$- FILES" variable...

PT-2024-31896 · Unknown · Sourcecodester Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tours and Travels Management System version 1.0 Description: The issue is related to Cross Site Scripting XSS that can be triggered by sending a crafted payload to specific parameters in the travellers.php file. The...

PT-2024-27796 · Unknown · Itsourcode Online Discussion Forum Project

Name of the Vulnerable Software and Affected Versions: Itsourcecode Online Discussion Forum Project version 1.0 Description: A remote attacker can execute arbitrary code via the "sendreply.php" file due to a File Upload vulnerability. The uploaded file is received using the $FILES variable. This...

itsourcecode Sports Management System Project 安全漏洞

itsourcecode Sports Management System Project is an open source sports management system by itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Sports Management System Project, which originated from a SQL injection vulnerability found in the deletecategory function of...

CVE-2024-37869

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "poster.php" file, and the uploaded file was received using the "$- FILES" variable...

itsourcecode Online Discussion Forum Project 安全漏洞

itsourcecode Online Discussion Forum Project is an online forum project of itsourcecode open source. A security vulnerability exists in itsourcecode Online Discussion Forum Project version v.1.0, which stems from a file upload vulnerability that allows a remote attacker to execute arbitrary code...

PT-2024-31897

Name of the Vulnerable Software and Affected Versions: itsourcecode Sports Management System Project version 1.0 Description: The issue is related to a SQL Injection vulnerability in the delete category function of the sports scheduling/player.php file, which can be exploited via the id argument...

CVE-2024-37869

The CVE-2024-37869 entry describes a file upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0. A remote attacker can trigger arbitrary code execution via the poster.php handler, with the uploaded payload received through the $_FILES variable. The available references indica...

itsourcecode Online Tours and Travels Management System 安全漏洞

itsourcecode Online Tours and Travels Management System is an online travel management system from itsourcecode open source. A security vulnerability exists in itsourcecode Online Tours and Travels Management System v1.0. An attacker can exploit this vulnerability by sending a specially crafted...

CVE-2024-37868

CVE-2024-37868 involves the Itsourcecode Online Discussion Forum Project v1.0 with a vulnerability in the sendreply.php file that accepts uploaded files via the $_FILES variable, enabling remote code execution. The issue is described with a high impact (C/H/I/A) and CVSS v3.1 score 8.8. Exploitat...

CVE-2024-37869

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "poster.php" file, and the uploaded file was received using the "$- FILES" variable...

itsourcecode Online Bookstore 代码问题漏洞

itsourcecode Online Bookstore is an online bookstore of itsourcecode open source. A code issue vulnerability exists in version 1.0 of itsourcecode Online Bookstore due to an unrestricted file upload in the parameter image...

PT-2024-39132 · Unknown · Itsourcecode Tailoring Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Tailoring Management System version 1.0 Description: A critical issue was found in the itsourcecode Tailoring Management System, affecting an unknown functionality of the file ssms.php. The manipulation of the customer argument...