CVE-2019-16641

The CVE-2019-16641 issue affects Ruijie EG-2000 series gateways (notably EG-2000SE and EG_RGOS 11.1(1)B1). A buffer overflow in the client.so component enables a login.bypass via login.php, letting an attacker access any account without a password. Connected sources confirm the affected products ...

CVE-2024-37871

SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the email parameter...

PT-2024-27800 · Unknown · Itsourcode Online Discussion Forum Project In Php With Source Code

Name of the Vulnerable Software and Affected Versions: Itsourcecode Online Discussion Forum Project in PHP with Source Code version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the email parameter in the "login.php" file...

CVE-2024-6213

A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file login.php of the component Login Panel. The manipulation of the argument username leads to sql injection. It is possible to initiate...

CVE-2024-6213 SourceCodester Food Ordering Management System Login Panel login.php sql injection

A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file login.php of the component Login Panel. The manipulation of the argument username leads to sql injection. It is possible to initiate...

CVE-2024-6192

A vulnerability classified as critical was found in itsourcecode Loan Management System 1.0. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The explo...

CVE-2024-6191

CVE-2024-6191 affects itsourcecode Student Management System 1.0, specifically the Login Page login.php. The vulnerability is a SQL injection caused by unsafely handling the user parameter, exploitable remotely. Public disclosure has occurred. The connected sources discuss remote impact and the n...

CVE-2024-6113 itsourcecode Monbela Tourist Inn Online Reservation System login.php sql injection

A vulnerability was found in itsourcecode Monbela Tourist Inn Online Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-6113 itsourcecode Monbela Tourist Inn Online Reservation System login.php sql injection

A vulnerability was found in itsourcecode Monbela Tourist Inn Online Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The...

Monbela Tourist Inn Online Reservation System SQL注入漏洞

Monbela Tourist Inn Online Reservation System is itsourcecode open source an online reservation system for tourists and hotels developed using PHP for storing and retrieving data or any transactions carried out. itsourcecode Monbela Tourist Inn Online Reservation System login.php SQL injection...

CVE-2024-6111 itsourcecode Pool of Bethesda Online Reservation System login.php sql injection

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

CVE-2024-5519

A vulnerability classified as critical was found in ItsourceCode Learning Management System Project In PHP 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-25976

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

CVE-2024-25976

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

HAWKI 跨站脚本漏洞

HAWKI is a university teaching interface based on the OpenAI API by the German team HAWK Digital Environments. HAWKI suffers from a cross-site scripting vulnerability that stems from a reflected cross-site scripting XSS vulnerability in the file login.php...

CVE-2024-5118 SourceCodester Event Registration System login.php sql injection

A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-5118 SourceCodester Event Registration System login.php sql injection

A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-5098

A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...

CVE-2024-5098

SourceCodester Simple Inventory System 1.0 has a SQL injection vulnerability in login.php via the username parameter. The CVE-2024-5098 entry confirms an exploit has been disclosed. Several connected sources corroborate the issue and suggest updating to a newer version as the fix, and offer inter...

CVE-2024-5098 SourceCodester Simple Inventory System login.php sql injection

A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...