CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery CSRF attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints...

CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery CSRF attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints...

CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery CSRF attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints...

CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery CSRF attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints...

CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery CSRF attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints...

SourceCodester Leads Manager Tool 安全漏洞

SourceCodester Leads Manager Tool is an open source leads management tool from SourceCodester. A security vulnerability exists in SourceCodester Leads Manager Tool version 1.0, which stems from the lack of a CSRF protection mechanism that could lead to cross-site request forgery attacks...

CVE-2024-7942

A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the argument phonenumber leads to cross site scripting. The attack can be initiated remotely. The exploi...

CVE-2024-7942

A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the argument phonenumber leads to cross site scripting. The attack can be initiated remotely. The exploi...

CVE-2024-7942

A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the argument phonenumber leads to cross site scripting. The attack can be initiated remotely. The exploi...

CVE-2024-7942 SourceCodester Leads Manager Tool update-leads.php cross site scripting

A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the argument phonenumber leads to cross site scripting. The attack can be initiated remotely. The exploi...

CVE-2024-7942

CVE-2024-7942 affects SourceCodester Leads Manager Tool 1.0, specifically the update-leads.php file. The vulnerability is a cross-site scripting (XSS) issue triggered by a manipulated phone_number argument and can be exploited remotely. The public exploit is noted in multiple references. The conn...

SourceCodester Leads Manager Tool 跨站脚本漏洞

SourceCodester Leads Manager Tool is a leads management tool from SourceCodester, Inc. A cross-site scripting vulnerability exists in SourceCodester Leads Manager Tool version 1.0, which stems from the parameter phonenumber in the file update-leads.php that can lead to cross-site scripting attack...

CVE-2024-7644

A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads Handler. The manipulation of the argument leadsname/phonenumber leads to cross site scripting. It ...

CVE-2024-7644

A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads Handler. The manipulation of the argument leadsname/phonenumber leads to cross site scripting. It ...

CVE-2024-7643

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

SourceCodester Leads Manager Tool 跨站脚本漏洞

SourceCodester Leads Manager Tool is a leads management tool from SourceCodester, Inc. A cross-site scripting vulnerability exists in SourceCodester Leads Manager Tool version 1.0, which originates from a cross-site scripting vulnerability in the Add Leads Handler component on the...

CVE-2024-7644 SourceCodester Leads Manager Tool Add Leads add-leads.php cross site scripting

A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads Handler. The manipulation of the argument leadsname/phonenumber leads to cross site scripting. It ...

CVE-2024-7644

SourceCodester Leads Manager Tool 1.0 is affected by a cross-site scripting vulnerability in the Add Leads Handler, specifically the /endpoint/add-leads.php endpoint. The issue arises from manipulating the leads_name and phone_number parameters, enabling remote XSS. The vulnerability is publicly ...

CVE-2024-7643 SourceCodester Leads Manager Tool Delete Leads delete-leads.php sql injection

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

CVE-2024-7643 SourceCodester Leads Manager Tool Delete Leads delete-leads.php sql injection

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...