982 matches found
Sql injection
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file parcellist.php of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The exploit has been...
CVE-2023-5269 SourceCodester Best Courier Management System GET Parameter parcel_list.php sql injection
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file parcellist.php of the component GET Parameter Handler. The manipulation of the argument id/s leads to sql injection. The exploit has been...
CVE-2023-5018 SourceCodester Lost and Found Information System POST Parameter sql injection
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=savecategory of the component POST Parameter Handler. The manipulation of the argument id leads to sql injection. It is...
CVE-2023-5018 SourceCodester Lost and Found Information System POST Parameter sql injection
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=savecategory of the component POST Parameter Handler. The manipulation of the argument id leads to sql injection. It is...
Sql injection
A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/gettaskslist of the component GET Parameter Handler. The manipulation of the argument project/status/userid/sort/search leads to...
CVE-2023-4987
Infinitietech Taskhub 2.8.7 is affected by a SQL injection in the GET Parameter Handler, specifically in /home/get_tasks_list. The vulnerable GET parameters include project, status, user_id, sort, and search, allowing manipulation that leads to SQL injection. Public references (Exploit-DB) docume...
Sql injection
A vulnerability was found in Academy LMS 6.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /academy/tutor/filter of the component GET Parameter Handler. The manipulation of the argument pricemin/pricemax leads to sql injection. The attack may be...
Cross site scripting
A vulnerability was found in Academy LMS 6.2 on Windows. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academy/tutor/filter of the component GET Parameter Handler. The manipulation of the argument...
CVE-2023-4974 Academy LMS GET Parameter filter sql injection
A vulnerability was found in Academy LMS 6.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /academy/tutor/filter of the component GET Parameter Handler. The manipulation of the argument pricemin/pricemax leads to sql injection. The attack may be...
CVE-2023-4973 Academy LMS GET Parameter filter cross site scripting
A vulnerability was found in Academy LMS 6.2 on Windows. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academy/tutor/filter of the component GET Parameter Handler. The manipulation of the argument...
CVE-2023-4973 Academy LMS GET Parameter filter cross site scripting
A vulnerability was found in Academy LMS 6.2 on Windows. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academy/tutor/filter of the component GET Parameter Handler. The manipulation of the argument...
PT-2023-31400 · Infinitietech · Infinitietech Taskhub
Name of the Vulnerable Software and Affected Versions: infinitietech taskhub version 2.8.7 Description: A critical issue has been found in the GET Parameter Handler component, specifically affecting the /home/get tasks list file. The manipulation of the project/status/user id/sort/search argument...
Creative Item Academy LMS Cross-Site Scripting Vulnerability
Creative Item Academy LMS is an online course-based learning management system from Creative Item, Inc. A cross-site scripting vulnerability exists in Creative Item Academy LMS version 6.2 Windows, which stems from the presence of unknown functions in /academy/tutor/filter in the component GET...
Sql injection
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely...
CVE-2023-4708 Infosoftbd Clcknshop GET Parameter all sql injection
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely...
CVE-2023-4548
A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filterbrandid leads to sql injection. It is possible to initiate the attack remotely...
CVE-2023-3859
A vulnerability was found in phpscriptpoint Car Listing 1.6 and classified as critical. This issue affects some unknown processing of the file /search.php of the component GET Parameter Handler. The manipulation of the argument...
CVE-2023-3859
A vulnerability was found in phpscriptpoint Car Listing 1.6 and classified as critical. This issue affects some unknown processing of the file /search.php of the component GET Parameter Handler. The manipulation of the argument...
Sql injection
A vulnerability was found in phpscriptpoint Car Listing 1.6 and classified as critical. This issue affects some unknown processing of the file /search.php of the component GET Parameter Handler. The manipulation of the argument...
CVE-2023-3854 phpscriptpoint BloodBank POST Parameter search sql injection
A vulnerability classified as critical has been found in phpscriptpoint BloodBank 1.1. Affected is an unknown function of the file /search of the component POST Parameter Handler. The manipulation of the argument country/city/bloodgroupid leads to sql injection. It is possible to launch the attac...