CVE-2024-37868

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received using the "$- FILES" variable...

CVE-2024-37869

File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "poster.php" file, and the uploaded file was received using the "$- FILES" variable...

itsourcecode Sports Management System Project 安全漏洞

itsourcecode Sports Management System Project is an open source sports management system by itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Sports Management System Project, which originated from a SQL injection vulnerability found in the deletecategory function of...

PT-2024-31897

Name of the Vulnerable Software and Affected Versions: itsourcecode Sports Management System Project version 1.0 Description: The issue is related to a SQL Injection vulnerability in the delete category function of the sports scheduling/player.php file, which can be exploited via the id argument...

CVE-2024-37868

CVE-2024-37868 involves the Itsourcecode Online Discussion Forum Project v1.0 with a vulnerability in the sendreply.php file that accepts uploaded files via the $_FILES variable, enabling remote code execution. The issue is described with a high impact (C/H/I/A) and CVSS v3.1 score 8.8. Exploitat...

CVE-2024-37869

The CVE-2024-37869 entry describes a file upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0. A remote attacker can trigger arbitrary code execution via the poster.php handler, with the uploaded payload received through the $_FILES variable. The available references indica...

itsourcecode Online Bookstore 代码问题漏洞

itsourcecode Online Bookstore is an online bookstore of itsourcecode open source. A code issue vulnerability exists in version 1.0 of itsourcecode Online Bookstore due to an unrestricted file upload in the parameter image...

PT-2024-39132 · Unknown · Itsourcecode Tailoring Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Tailoring Management System version 1.0 Description: A critical issue was found in the itsourcecode Tailoring Management System, affecting an unknown functionality of the file ssms.php. The manipulation of the customer argument...

CVE-2024-8570

CVE-2024-8570 concerns a SQL injection vulnerability in Itsourcecode Tailoring Management System v1.0, specifically in the file /inccatadd.php where the title parameter can be manipulated. The issue is exploitable remotely over the network, and multiple sources indicate the exploit has been publi...

PT-2024-39107 · Unknown · Itsourcecode Tailoring Management System

Name of the Vulnerable Software and Affected Versions: Itsourcecode Tailoring Management System version 1.0 Description: A critical issue was found in the Itsourcecode Tailoring Management System, affecting some unknown functionality of the file /inccatadd.php. The manipulation of the title...

itsourcecode Alton Management System 安全漏洞

itsourcecode Alton Management System is an online restaurant management system from itsourcecode open source. A security vulnerability exists in version 1.0 of itsourcecode Alton Management System, which stems from vulnerability to SQL injection via the menu parameter in file /noncombosave.php...

CVE-2024-8220

The CVE-2024-8220 entry concerns itsourcecode Tailoring Management System 1.0. Affected component: staffedit.php. Root cause: manipulation of parameters id, stafftype, address, fullname, phonenumber, and salary enables SQL injection. Vector: remote, network-based; exploit has been disclosed publi...

CVE-2024-8216 nafisulbari/itsourcecode Insurance Management System Payment editPayment.php access control

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument reciptno leads to...

CVE-2024-8216 nafisulbari/itsourcecode Insurance Management System Payment editPayment.php access control

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument reciptno leads to...

CVE-2024-8209

A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file addClient.php. The manipulation of the argument CLIENT ID leads to cross site scripting. The attack may be launched...

CVE-2024-8208

A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editClient.php. The manipulation of the argument AGENT ID leads to cross site scripting. The attack can ...

CVE-2024-8209 nafisulbari/itsourcecode Insurance Management System addClient.php cross site scripting

A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file addClient.php. The manipulation of the argument CLIENT ID leads to cross site scripting. The attack may be launched...

CVE-2024-8208 nafisulbari/itsourcecode Insurance Management System editClient.php cross site scripting

A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editClient.php. The manipulation of the argument AGENT ID leads to cross site scripting. The attack can ...

CVE-2024-8171

A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file staffcatedit.php. The manipulation of the argument title leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

CVE-2024-8171

A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file staffcatedit.php. The manipulation of the argument title leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...