982 matches found
CVE-2023-3003 SourceCodester Train Station Ticketing System GET Parameter manage_prices.php sql injection
A vulnerability classified as critical was found in SourceCodester Train Station Ticketing System 1.0. Affected by this vulnerability is an unknown functionality of the file manageprices.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The...
Sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Students Online Internship Timesheet System 1.0. Affected is an unknown function of the file renderedreport.php of the component GET Parameter Handler. The manipulation of the argument sid leads to sql injection. It is...
CVE-2023-2955 SourceCodester Students Online Internship Timesheet System GET Parameter rendered_report.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Students Online Internship Timesheet System 1.0. Affected is an unknown function of the file renderedreport.php of the component GET Parameter Handler. The manipulation of the argument sid leads to sql injection. It is...
Cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack...
CVE-2023-2922 SourceCodester Comment System GET Parameter index.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack...
CVE-2023-2922 SourceCodester Comment System GET Parameter index.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack...
PT-2023-22212 · Unknown · Sourcecodester Comment System
Name of the Vulnerable Software and Affected Versions: SourceCodester Comment System version 1.0 Description: A problematic vulnerability has been found in the SourceCodester Comment System. The issue affects an unknown function of the file index.php, specifically the component GET Parameter...
CVE-2023-2865
A vulnerability was found in SourceCodester Theme Park Ticketing System 1.0. It has been classified as critical. This affects an unknown part of the file printticket.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate...
CVE-2023-2864
A vulnerability was found in SourceCodester Online Jewelry Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file customer.php of the component POST Parameter Handler. The manipulation of the argument Custid leads to cross site scripting. The...
Sql injection
A vulnerability was found in SourceCodester Theme Park Ticketing System 1.0. It has been classified as critical. This affects an unknown part of the file printticket.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate...
Cross site scripting
A vulnerability was found in SourceCodester Online Jewelry Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file customer.php of the component POST Parameter Handler. The manipulation of the argument Custid leads to cross site scripting. The...
CVE-2023-2864 SourceCodester Online Jewelry Store POST Parameter customer.php cross site scripting
A vulnerability was found in SourceCodester Online Jewelry Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file customer.php of the component POST Parameter Handler. The manipulation of the argument Custid leads to cross site scripting. The...
Class Scheduling System Cross-Site Scripting Vulnerability
Class Scheduling System is a class scheduling system. A cross-site scripting vulnerability exists in Class Scheduling System v1.0, which originates from the lack of effective filtering and escaping of user-supplied data in the AcademicRank parameter of the file /admin/saveteacher.php in the...
CVE-2023-2826 SourceCodester Class Scheduling System POST Parameter search_teacher_result.php cross site scripting
A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. This vulnerability affects unknown code of the file searchteacherresult.php of the component POST Parameter Handler. The manipulation of the argument teacher leads to cross site scripting...
PT-2023-21640 · Sourcecodester · Sourcecodester Class Scheduling System
Name of the Vulnerable Software and Affected Versions: SourceCodester Class Scheduling System version 1.0 Description: A vulnerability has been found in the SourceCodester Class Scheduling System, affecting the file search teacher result.php of the component POST Parameter Handler. The manipulati...
CVE-2023-2824
A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/service.php of the component POST Parameter Handler. The manipulation of the argument service lea...
CVE-2023-2823
A vulnerability was found in SourceCodester Class Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/editsubject.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...
Sql injection
A vulnerability was found in SourceCodester Class Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/editsubject.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...
Cross site scripting
A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/service.php of the component POST Parameter Handler. The manipulation of the argument service lea...
CVE-2023-2824
CVE-2023-2824 affects SourceCodester Dental Clinic Appointment Reservation System 1.0. The vulnerability is in the POST Parameter Handler of /admin/service.php, where manipulating the service parameter triggers cross-site scripting. Exploitation appears remote and is publicly disclosed (VDB-22959...