6 matches found
CVE-2021-25212
SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manageevent.php...
Sql injection
A vulnerability classified as critical has been found in SourceCodester Online DJ Management System 1.0. Affected is an unknown function of the file admin/events/manageevent.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to...
CVE-2021-25212
SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manageevent.php...
CVE-2021-25212
SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manageevent.php...
CVE-2021-25210
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manageevent.php...
CVE-2021-25210
The CVE-2021-25210 entry concerns SourceCodester Alumni Management System v1.0. Affected software: SourceCodester Alumni Management System; vulnerable component: the file upload pathway (manage_event.php). Root cause: arbitrary file upload allows an attacker to upload and execute arbitrary code o...