CVE-2021-41660

SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php...

Sql injection

SQL injection vulnerability in Sourcecodester Patient Appointment Scheduler System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password fields to login.php...

CVE-2021-41660

The CVE-2021-41660 entry relates to a SQL injection in Sourcecodester Patient Appointment Scheduler System v1 (author oretnom23). The vulnerability is triggered through unsanitized input in the login.php username and password fields, allowing an attacker to execute arbitrary SQL commands. Public ...

CVE-2021-40907

SQL injection vulnerability in Sourcecodester Storage Unit Rental Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /storage/classes/Login.php...

Sql injection

SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, allows attackers to execute arbitrary SQL commands via the facultyid parameter...

Sql injection

SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter...

Sql injection

SQL injection vulnerability in Sourcecodester Storage Unit Rental Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /storage/classes/Login.php...

CVE-2021-40908

The CVE-2021-40908 issue affects Sourcecodester Purchase Order Management System v1.0, via Login.php where the username parameter is vulnerable to SQL injection. The underlying root cause is improper handling/validation of externally supplied SQL statements, enabling an attacker to run arbitrary ...

CVE-2021-40908

SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter...

CVE-2021-40596

The CVE-2021-40596 entry concerns a SQL injection in the Login.php file of the sourcecodester Online Learning System v2 (by oretnom23). The vulnerability is exploitable via the faculty_id parameter, allowing an attacker to execute arbitrary SQL commands. Public references in connected documents c...

CVE-2021-40596

SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, allows attackers to execute arbitrary SQL commands via the facultyid parameter...

Sourcecodester Purchase Order Management System SQL注入漏洞

Sourcecodester Purchase Order Management System is a simple purchase order management system used to manage the purchase order records of a particular company. SQL injection vulnerability exists in Sourcecodester Purchase Order Management System, which Sourcecodester Purchase Order Management...

Sql injection

SQL injection vulnerability in Sourcecodester Online Leave Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /leavesystem/classes/Login.php...

CVE-2021-44244

An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Parcel's Management System 1.0 via the username parameter in login.php...

Child's Day Care Management System 1.0 SQL Injection

Title: Child's Day Care Management System 1.0 SQL - Injection Author: nu11secur1ty Date: 12.16.2021 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15085/childs-day-care-management-system-phpoop-free-source-code.html Description: The username in...

Pluck Authorization Issues Vulnerabilities

Pluck is a content management system CMS developed using the PHP language. Pluck-CMS Pluck suffers from an authorization issue vulnerability that stems from a session repair vulnerability in login.php that allows an attacker to maintain unauthorized access to the platform. Since Pluck does not...

CVE-2021-31745

CVE-2021-31745 affects Pluck-CMS (Pluck 4.7.15). A session-fixation vulnerability in login.php allows an attacker to sustain unauthorized access because prior sessions are not invalidated after a password change. The available documents describe the issue and do not specify a patch version or con...

CVE-2021-43130

An SQL Injection vulnerability exists in Sourcecodester Customer Relationship Management System CRM 1.0 via the username parameter in customer/login.php...

Sql injection

Online Student Admission System 1.0 is affected by an unauthenticated SQL injection bypass vulnerability in /admin/login.php...

CVE-2018-16061

Mitsubishi Electric Europe B.V. SmartRTU devices allow XSS via the username parameter or PATHINFO to login.php...