Lucene search
K

25 matches found

OSV
OSV
added 2024/07/29 9:15 a.m.3 views

CVE-2024-7192

A vulnerability, which was classified as critical, was found in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/student.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit...

8.8CVSS6.2AI score0.00619EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/29 8:31 a.m.16 views

CVE-2024-7191 itsourcecode Society Management System get_balance.php sql injection

A vulnerability, which was classified as critical, has been found in itsourcecode Society Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/getbalance.php. The manipulation of the argument studentid leads to sql injection. The attack may be launched...

6.5CVSS7.6AI score0.00578EPSS
Exploits1References4
NVD
NVD
added 2024/07/29 8:15 a.m.26 views

CVE-2024-7190

A vulnerability classified as critical was found in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/getprice.php. The manipulation of the argument expensesid leads to sql injection. The attack can be launched remotely. The...

9.8CVSS0.00544EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/29 8:0 a.m.17 views

CVE-2024-7190 itsourcecode Society Management System get_price.php sql injection

A vulnerability classified as critical was found in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/getprice.php. The manipulation of the argument expensesid leads to sql injection. The attack can be launched remotely. The...

6.5CVSS7.7AI score0.00544EPSS
Exploits1References4
CVE
CVE
added 2024/07/29 8:0 a.m.55 views

CVE-2024-7190

The CVE-2024-7190 entry affects itsourcecode Society Management System 1.0, specifically the /admin/get_price.php endpoint where manipulating the expenses_id parameter enables SQL injection. The vulnerability is described as remote-exploitable with a publicly disclosed exploit; assessed severitie...

9.8CVSS7AI score0.00544EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder