CVE-2023-1688
A vulnerability classified as problematic has been found in SourceCodester Earnings and Expense Tracker App 1.0. This affects an unknown part of the file Master.php?a=saveexpense. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely...
CVE-2023-1593
A vulnerability, which was classified as problematic, has been found in SourceCodester Automatic Question Paper Generator System 1.0. This issue affects some unknown processing of the file classes/Master.php?f=saveclass. The manipulation of the argument description leads to cross site scripting...
CVE-2023-1292
A vulnerability has been found in SourceCodester Sales Tracker Management System 1.0 and classified as critical. This vulnerability affects the function deleteclient of the file classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. T...
CVE-2023-0962
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file Master.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated...
CVE-2022-42232
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=deletestorage...
Online Leave Management System SQL Injection Vulnerability
Online Leave Management System is an online leave management system. SQL injection vulnerability exists in Online Leave Management System v1.0, which originates in /leavesystem/classes/Master.php?f=delete application lacks validation of externally entered SQL statements. An attacker could use thi...
Online Pet Shop We App SQL Injection Vulnerability
Online Pet Shop We App is an online pet store web application by the individual developer Carlo Montero. A SQL injection vulnerability exists in Online Pet Shop We App v1.0, which originates from the /petshop/classes/Master.php?f=deletecategory page, whose id parameter is susceptible to SQL injection...
Ingredients Stock Management System SQL Injection Vulnerability (CNVD-2023-11186)
Ingredients Stock Management System is an ingredient stock management system by the individual developer Carlo Montero. Version 1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /classes/Master.php?f=deletecategory location of the id parameter has a...
Ingredients Stock Management System SQL Injection Vulnerability
Ingredients Stock Management System is an ingredient stock management system by Carlo Montero. Version 1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /classes/Master.php?f=deletewaste location has an SQL injection issue with the id parameter. No...
CVE-2022-36683
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletepayment...
CVE-2022-36697
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletewaste...
CVE-2022-32416
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=deleteproduct...
CVE-2022-31911
Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=deleteteam...
PT-2022-20985 · Unknown · Online Discussion Forum Site
Name of the Vulnerable Software and Affected Versions: Online Discussion Forum Site version 1.0 Description: The issue concerns a SQL Injection vulnerability via the "/odfs/classes/Master.php?f=delete team" API endpoint. This allows for potential unauthorized access and manipulation of database...
Online Tutor Portal Site Cross-Site Scripting Vulnerability
Online Tutor Portal Site is an online tutor portal. It is used to provide an online platform for individuals who are looking for and offering tutoring services. A cross-site scripting vulnerability exists in Online Tutor Portal Site version v1.0, which stems from a lack of filtering and escaping ...
CVE-2022-31991
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=deletecourt...
CVE-2022-31951
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=deleterespondenttype...
CVE-2022-30464
ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to Cross Site Scripting XSS via /simplechatbot/classes/Master.php?f=saveresponse...
Toll-tax-management-system Cross-Site Scripting Vulnerability
Toll-tax-management-system is a toll tax management system by the individual developer Carlo Montero. A security vulnerability exists in Toll-tax-management-system version 1.0, which stems from a cross-site scripting XSS attack in /ttms/classes/Master.php?f=saverecipient, vehiclename...
PT-2022-20351 · Unknown · Toll Tax Management System
Name of the Vulnerable Software and Affected Versions: Toll-tax-management-system version 1.0 Description: The issue concerns a Cross Site Scripting XSS vulnerability. It can be exploited via the API endpoint "/ttms/classes/Master.php" with the parameter f set to "save recipient" and the vehicle...