CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manageservice...

8.8CVSS6.2AI score0.00872EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:3 a.m.•7 views

CVE-2023-46956

SQL injection vulnerability in Packers and Movers Management System v.1.0 allows a remote attacker to execute arbitrary code via crafted payload to the /mpms/admin/?page=user/manageuser file...

7.2CVSS8.7AI score0.0119EPSS

Exploits1

RedhatCVE•added 2025/02/08 6:49 a.m.•16 views

CVE-2024-57523

Cross Site Request Forgery CSRF in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers to create unauthorized admin accounts via crafted requests sent to an authenticated admin user...

4.5CVSS6.7AI score0.00462EPSS

Exploits2References1

NVD•added 2025/02/06 7:15 p.m.•16 views

CVE-2024-57523

4.5CVSS0.00462EPSS

Exploits2References2

Cvelist•added 2025/02/06 12:0 a.m.•11 views

CVE-2024-57523

0.00462EPSS

Exploits2References2

CVE•added 2025/02/06 12:0 a.m.•52 views

CVE-2024-57523

CVE-2024-57523 corresponds to a CSRF vulnerability in the Users.php endpoint of SourceCodester Packers and Movers Management System 1.0. Exploitation requires an authenticated admin user to visit a crafted page, enabling attackers to create unauthorized admin accounts (privilege escalation) with ...

4.5CVSS6.8AI score0.00462EPSS

Exploits2References2Affected Software1

Vulnrichment•added 2025/02/06 12:0 a.m.•8 views

CVE-2024-57523

4.7AI score0.00462EPSS

Exploits2References2

Cvelist•added 2025/02/03 12:0 a.m.•16 views

CVE-2024-57522

SourceCodester Packers and Movers Management System v1.0 is vulnerable to Cross Site Scripting XSS in Users.php. An attacker can inject a malicious script into the username or name field during user creation...

0.00945EPSS

Exploits1References1

GithubExploit•added 2025/01/15 6:56 p.m.•166 views

Exploit for Cross-Site Request Forgery (CSRF) in Oretnom23 Packers_And_Movers_Management_System

CVE-2024-57523 - CSRF Vulnerability in Users.php - SourceCodes...

4.5CVSS6.9AI score0.00462EPSS

Exploits2

NVD•added 2024/10/24 7:15 p.m.•14 views

CVE-2024-48427

8.8CVSS0.00872EPSS

Exploits0References2

Prion•added 2023/11/30 11:15 p.m.•15 views

Sql injection

SQL injection vulnerability in Packers and Movers Management System v.1.0 allows a remote attacker to execute arbitrary code via crafted payload to the /mpms/admin/?page=user/manageuser&id file...

5.8CVSS9AI score0.0119EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2023/11/30 12:0 a.m.•9 views

CVE-2023-46956

SQL injection vulnerability in Packers and Movers Management System v.1.0 allows a remote attacker to execute arbitrary code via crafted payload to the /mpms/admin/?page=user/manageuser&id file...

8.9AI score0.0119EPSS

Exploits1References1

Cvelist•added 2023/11/30 12:0 a.m.•15 views

CVE-2023-46956

SQL injection vulnerability in Packers and Movers Management System v.1.0 allows a remote attacker to execute arbitrary code via crafted payload to the /mpms/admin/?page=user/manageuser&id file...

7.6AI score0.0119EPSS

Exploits1References1

CVE•added 2023/11/30 12:0 a.m.•30 views

CVE-2023-46956

CVE-2023-46956 is a SQL injection vulnerability in Packers and Movers Management System v1.0. The flaw affects the endpoint /mpms/admin/?page=user/manage_user&id and allows a remote attacker to potentially execute arbitrary code via crafted payloads. The root cause is improper handling of the id ...

7.2CVSS7.4AI score0.0119EPSS

Exploits1References1Affected Software1

Prion•added 2023/10/26 6:15 p.m.•13 views

Sql injection

Sourcecodester Packers and Movers Management System v1.0 is vulnerable to SQL Injection via mpms/?p=services/viewservice&id...

7.5CVSS9.8AI score0.00629EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/10/26 12:0 a.m.•13 views

CVE-2023-46435

Sourcecodester Packers and Movers Management System v1.0 is vulnerable to SQL Injection via mpms/?p=services/viewservice&id...

10AI score0.00629EPSS

Exploits1References1