CVE-2024-6114

The CVE-2024-6114 entry affects itsourcecode’s Monbela Tourist Inn Online Reservation System (versions up to 1.0). Affected is an unknown function in controller.php where manipulating the image parameter enables unrestricted uploads, enabling remote exploitation. Public disclosure of the exploit ...

CVE-2024-6112

CVE-2024-6112 affects the Pool of Bethesda Online Reservation System (version 1.0) in itsourcecode. The vulnerability resides in the index.php file, where manipulation of the log_email parameter leads to SQL injection. This can be triggered remotely and, per multiple sources, exploitation has bee...

CVE-2024-6111 itsourcecode Pool of Bethesda Online Reservation System login.php sql injection

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2024-6111 itsourcecode Pool of Bethesda Online Reservation System login.php sql injection

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2024-6111

The CVE-2024-6111 entry describes a SQL injection in Bethesda Online Reservation System (itsourcecode Pool of Bethesda Online Reservation System) version 1.0, affecting an unknown portion of login.php. The root cause is manipulation of the email parameter, enabling remote exploitation with disclo...

CVE-2024-6110

A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file controller.php. The manipulation of the argument image leads to unrestricted upload. The attack may ...

CVE-2024-6109

A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file addmeasurement.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...

CVE-2024-6110 itsourcecode Magbanua Beach Resort Online Reservation System controller.php unrestricted upload

A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file controller.php. The manipulation of the argument image leads to unrestricted upload. The attack may ...

CVE-2024-6110

The CVE-2024-6110 entry concerns Magbanua Beach Resort Online Reservation System (versions up to 1.0) where the file controller.php contains a vulnerability in the image parameter that allows unrestricted uploads. The core issue is an input handling flaw in the image argument, enabling remote exp...

CVE-2024-6109 itsourcecode Tailoring Management System addmeasurement.php sql injection

A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file addmeasurement.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...

CVE-2024-6109

CVE-2024-6109 affects itsourcecode Tailoring Management System 1.0. The vulnerability is an SQL injection in addmeasurement.php triggered by the id parameter, exploitable remotely. Multiple databases/gangs (NVD, Red Hat, CVE list, Vuln enrichment) confirm the issue and indicate high risk/impact; ...

CVE-2024-6084

A vulnerability has been found in itsourcecode Pool of Bethesda Online Reservation System up to 1.0 and classified as critical. Affected by this vulnerability is the function uploadImage of the file /admin/modroom/controller.php?action=add. The manipulation of the argument image leads to...

CVE-2024-6084 itsourcecode Pool of Bethesda Online Reservation System uploadImage unrestricted upload

A vulnerability has been found in itsourcecode Pool of Bethesda Online Reservation System up to 1.0 and classified as critical. Affected by this vulnerability is the function uploadImage of the file /admin/modroom/controller.php?action=add. The manipulation of the argument image leads to...

CVE-2024-6084

CVE-2024-6084 affects the Bethesda/itsourcecode Pool Online Reservation System up to version 1.0. The vulnerable component is the uploadImage function in /admin/mod_room/controller.php?action=add, where manipulating the image argument enables unrestricted file uploads. This vulnerability can be e...

PT-2024-37386 · Unknown · Itsourcecode Tailoring Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Tailoring Management System version 1.0 Description: A critical issue has been found in the itsourcecode Tailoring Management System, affecting an unknown functionality of the file addmeasurement.php. The manipulation of the id...

PT-2024-4404 · Itsourcecode · Itsourcecode Banking Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Banking Management System version 1.0 Description: A critical issue was found in the Banking Management System, affecting an unknown functionality of the file admin class.php. The manipulation of the username argument leads to SQ...

CVE-2024-6065

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument useremail leads to sql injection. The attack may be initiated remotely. The exploit has be...

CVE-2024-6065 itsourcecode Bakery Online Ordering System index.php sql injection

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument useremail leads to sql injection. The attack may be initiated remotely. The exploit has be...

CVE-2024-37840

SQL injection vulnerability in processscore.php in Itsourcecode Learning Management System Project In PHP With Source Code v1.0 allows remote attackers to execute arbitrary SQL commands via the LessonID parameter...

CVE-2024-6042

A vulnerability was found in itsourcecode Real Estate Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file property-detail.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...