CVE-2024-35358

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=viewcategory. Manipulating the argument id can result in SQL injection...

CVE-2023-3679

A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=saveinquiry of the component HTTP POST Request Handler. The manipulation of the argument id lead...

CVE-2022-42232

Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=deletestorage...

CVE-2022-36683

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deletepayment...

CVE-2022-31910

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

CVE-2022-31906

Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting XSS via /ofrs/classes/Master.php...

CVE-2022-30458

Automotive Shop Management System v1.0 is vulnerable to Cross Site Scripting XSS via /asms/classes/Master.php?f=saveproduct, name...

CVE-2022-30454

Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=deleteproduct...

CVE-2022-30385

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=deleteorder...

CVE-2022-30381

Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggersmerch/classes/Master.php?f=deleteimg...

CVE-2022-28029

Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=deletetype...