124 matches found
Cross site scripting
Cross Site Scripting XSS in Sourcecodester Student Quarterly Grading System by oretnom23, allows attackers to execute arbitrary code via the fullname and username parameters to the users page...
CVE-2021-41472
SQL injection vulnerability in Sourcecodester Simple Membership System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password parameters...
Sql injection
SQL injection vulnerability in Sourcecodester South Gate Inn Online Reservation System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the email and Password parameters...
Sql injection
SQL injection vulnerability in Sourcecodester Simple Membership System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password parameters...
CVE-2021-41472
SQL injection vulnerability in Sourcecodester Simple Membership System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password parameters...
CVE-2021-41472
CVE-2021-41472 concerns the Sourcecodester Simple Membership System v1 by oretnom23. The vulnerability is a SQL injection in the login flow, exploitable via the username and password parameters to execute arbitrary SQL commands. Affected component is the login/authentication handling; underlying ...
CVE-2021-41471
SQL injection vulnerability in Sourcecodester South Gate Inn Online Reservation System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the email and Password parameters...
CVE-2021-40907
SQL injection vulnerability in Sourcecodester Storage Unit Rental Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /storage/classes/Login.php...
Sql injection
SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter...
CVE-2021-40908
The CVE-2021-40908 issue affects Sourcecodester Purchase Order Management System v1.0, via Login.php where the username parameter is vulnerable to SQL injection. The underlying root cause is improper handling/validation of externally supplied SQL statements, enabling an attacker to run arbitrary ...
CVE-2021-40908
SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter...
CVE-2021-40596
The CVE-2021-40596 entry concerns a SQL injection in the Login.php file of the sourcecodester Online Learning System v2 (by oretnom23). The vulnerability is exploitable via the faculty_id parameter, allowing an attacker to execute arbitrary SQL commands. Public references in connected documents c...
Sql injection
SQL injection vulnerability in Sourcecodester Online Leave Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /leavesystem/classes/Login.php...
CVE-2021-40247
SQL injection vulnerability in Sourcecodester Budget and Expense Tracker System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username field...
CVE-2021-40247
CVE-2021-40247 affects Sourcecodester Budget and Expense Tracker System v1.0. The vulnerability is an SQL injection via the username field caused by inadequate SQL data escaping/filtering. Exploitation in the wild is not described in the provided documents, but CVSS data indicates a high/critical...
CVE-2021-40247
SQL injection vulnerability in Sourcecodester Budget and Expense Tracker System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username field...
oretnom23 Company Recruitment Management System SQL注入漏洞
oretnom23 Company Recruitment Management System is an open source Company Recruitment Management System from the individual developers of oretnom23. A SQL injection vulnerability exists in oretnom23 Company Recruitment Management System, which can be exploited by attackers to perform SQL injectio...
CVE-2021-41676
An SQL Injection vulnerabilty exists in the oretnom23 Pharmacy Point of Sale System 1.0 in the login function in actions.php...
CVE-2021-41676
CVE-2021-41676 is tied to the oretnom23 Pharmacy Point of Sale System 1.0, with a reported SQL Injection in the login function (actions.php). The Red Hat and NVD entries corroborate the vulnerability in the same component/function, indicating a high/critical impact profile. Public details in conn...
CVE-2021-41676
An SQL Injection vulnerabilty exists in the oretnom23 Pharmacy Point of Sale System 1.0 in the login function in actions.php...