PT-2023-17155 · Sourcecodester · Sourcecodester Automatic Question Paper Generator System

Name of the Vulnerable Software and Affected Versions: SourceCodester Automatic Question Paper Generator System version 1.0 Description: A critical issue has been found in the GET Parameter Handler component, specifically in the file users/classes/view class.php. The manipulation of the id argume...

CVE-2023-1634

A vulnerability was found in OTCMS 6.72. It has been classified as critical. Affected is the function UseCurl of the file /admin/infodeal.php of the component URL Parameter Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit ha...

CVE-2023-1634 OTCMS URL Parameter info_deal.php UseCurl server-side request forgery

A vulnerability was found in OTCMS 6.72. It has been classified as critical. Affected is the function UseCurl of the file /admin/infodeal.php of the component URL Parameter Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit ha...

CVE-2023-1592

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file admin/courses/viewclass.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The...

Sql injection

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file admin/courses/viewclass.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The...

CVE-2023-1592 SourceCodester Automatic Question Paper Generator System GET Parameter view_class.php sql injection

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file admin/courses/viewclass.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The...

Automatic Question Paper Generator System SQL注入漏洞

Automatic Question Paper Generator System is an automatic question paper generator system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in SourceCodester Automatic Question Paper Generator System version 1.0, which is caused by unknown code in admin/courses/viewclass.p...

Cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file /admin/reports/index.php of the component GET Parameter Handler. The manipulation of the argument dateto leads to cross site...

CVE-2023-1568 SourceCodester Student Study Center Desk Management System GET Parameter index.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file /admin/reports/index.php of the component GET Parameter Handler. The manipulation of the argument dateto leads to cross site...

Sql injection

A vulnerability was found in SourceCodester Air Cargo Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/transactions/updatestatus.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...

CVE-2023-1564 SourceCodester Air Cargo Management System GET Parameter update_status.php sql injection

A vulnerability was found in SourceCodester Air Cargo Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/transactions/updatestatus.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...

Cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This affects an unknown part of the file /bsenordering/index.php of the component GET Parameter Handler. The manipulation of the argument category with the input alert222 leads to...

CVE-2023-1480

A vulnerability classified as critical was found in SourceCodester Monitoring of Students Cyber Accounts System 1.0. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Parameter Handler. The manipulation of the argument un leads to sql injection...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester Monitoring of Students Cyber Accounts System 1.0. Affected by this issue is some unknown functionality of the file modules/balance/index.php?view=balancelist of the component POST Parameter Handler. The...

Sql injection

A vulnerability classified as critical was found in SourceCodester Monitoring of Students Cyber Accounts System 1.0. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Parameter Handler. The manipulation of the argument un leads to sql injection...

Sql injection

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file users/questionpapers/managequestionpaper.php of the component GET Parameter Handler. The manipulation of the argument id leads to s...

CVE-2023-1474 SourceCodester Automatic Question Paper Generator System GET Parameter manage_question_paper.php sql injection

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file users/questionpapers/managequestionpaper.php of the component GET Parameter Handler. The manipulation of the argument id leads to s...

Path traversal

A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file Master.php?f=deleteimg of the component POST Parameter Handler. The manipulation of the argument path with the input C%3A%2Ffoo.txt...

CVE-2023-1439

A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracker System 1.0. This issue affects some unknown processing of the file medicines/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument GET leads to sql injection. Th...

Sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracker System 1.0. This issue affects some unknown processing of the file medicines/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument GET leads to sql injection. Th...