124 matches found
CVE-2023-30247
CVE-2023-30247 concerns a file upload vulnerability in the Oretnom23 Storage Unit Rental Management System v1.0. The issue allows a remote attacker to execute arbitrary code via the update_settings parameter, with CVSS3.1 indicating a NETWORK attack vector, no user interaction, and a base score o...
Sql injection
Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/reviewresult.php?maineventid=, maineventid...
CVE-2023-30077
Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/reviewresult.php?maineventid=, maineventid...
CVE-2023-30077
Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/reviewresult.php?maineventid=, maineventid...
Sales Tracker Management System 1.0 Insecure Direct Object Reference
Exploit Title: Sales Tracker Management System v1.0 - Sensitive information disclosure CVE: CVE-2023-26774 Exploit Author: Achuth V P retrymp3 Date: February 08, 2023 Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html Software...
Helmet Store Showroom v1.0 - SQL Injection Vulnerability
Exploit Title: Helmet Store Showroom v1.0 - SQL Injection Exploit Author: Ameer Hamza Vendor Homepage: https://www.sourcecodester.com/php/15851/helmet-store-showroom-site-php-and-mysql-free-source-code.html Software Link:...
Online Market Place Site 1.0 SQL Injection Exploit
Online Market Place Site version 1.0 suffers from an unauthenticated blind SQL injection vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection. Exploit Title: Online Market Place Site v1.0 - Unauthenticated Blind Time-Based SQL Injection Exploit Author: Joe...
Online Market Place Site 1.0 Cross Site Scripting Vulnerability
Exploit Title: Online Market Place Site v1.0 - Stored Cross-Site Scripting XSS Exploit Author: Joe Pollock Vendor Homepage: https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html Software Link:...
Online Market Place Site 1.0 Cross Site Scripting
Exploit Title: Online Market Place Site v1.0 - Stored Cross-Site Scripting XSS Exploit Author: Joe Pollock Date: September 03, 2022 Vendor Homepage: https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html Software Link:...
CVE-2022-3015
A vulnerability, which was classified as problematic, has been found in oretnom23 Fast Food Ordering System. This issue affects some unknown processing of the file admin/?page=reports. The manipulation of the argument date leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2022-3015 oretnom23 Fast Food Ordering System cross site scripting
A vulnerability, which was classified as problematic, has been found in oretnom23 Fast Food Ordering System. This issue affects some unknown processing of the file admin/?page=reports. The manipulation of the argument date leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2022-3015
CVE-2022-3015 affects oretnom23 Fast Food Ordering System, specifically the admin/?page=reports handling. The root cause is manipulation of the date parameter, enabling cross-site scripting (XSS). The vulnerability is exploitable remotely; attack complexity is low and no privileges are required, ...
CVE-2022-3012 oretnom23 Fast Food Ordering System index.php sql injection
A vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to sql injection. The attack may be launched remotely. The...
CVE-2022-3012
CVE-2022-3012 concerns the oretnom23 Fast Food Ordering System. Multiple connected sources confirm a vulnerability in the ffos/admin/reports/index.php component where manipulating the date parameter enables SQL injection. The flaw is exploitable remotely and has been publicly disclosed. Documents...
PT-2022-20018 · Unknown · Oretnom23 Fast Food Ordering System
Name of the Vulnerable Software and Affected Versions: oretnom23 Fast Food Ordering System affected versions not specified Description: A problematic issue has been found in the oretnom23 Fast Food Ordering System, affecting the processing of the file "admin/?page=reports". The manipulation of th...
CVE-2022-2686 oretnom23 Fast Food Ordering System Menu List Page cross site scripting
A vulnerability, which was classified as problematic, was found in oretnom23 Fast Food Ordering System. This affects an unknown part of the component Menu List Page. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2022-2686
CVE-2022-2686 affects oretnom23 Fast Food Ordering System, with the vulnerability in the Menu List Page where the Description argument can be manipulated to trigger cross-site scripting. The issue can be exploited remotely, and public exploitation details have been disclosed (VDB-205725). Several...
PT-2022-18109 · Unknown · Oretnom23 Fast Food Ordering System
Name of the Vulnerable Software and Affected Versions: oretnom23 Fast Food Ordering System affected versions not specified Description: A problematic issue was found in the oretnom23 Fast Food Ordering System, affecting an unknown part of the component Menu List Page. The manipulation of the...
Warehouse Management System 2022 SQL Injection
Title: Warehouse Management System 2022 ML-SQLi Author: nu11secur1ty Date: 06.13.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php-codeigniter-warehouse-management-system-free-source-code Reference:...
CVE-2022-30798
Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php...