188 matches found

Positive Technologies
added 2024/07/09 12:0 a.m. · 3 views

PT-2024-27800 · Unknown · Itsourcecode Online Discussion Forum Project In Php With Source Code

Name of the Vulnerable Software and Affected Versions: Itsourcecode Online Discussion Forum Project in PHP with Source Code version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the email parameter in the "login.php" file...

8.2 CVSS · 8.1 AI score · 0.00454 EPSS
Exploits 1 · References 5

CVE
added 2024/07/09 12:0 a.m. · 56 views

CVE-2024-37871

CVE-2024-37871 affects the Itsourcecode Online Discussion Forum Project for PHP with Source Code 1.0. The vulnerability is a SQL injection in login.php triggered via the email parameter, enabling remote attackers to execute arbitrary SQL commands. Metrics indicate a high-severity issue (CVSS v3.1...

8.2 CVSS · 8.8 AI score · 0.00454 EPSS
Exploits 1 · References 1 · Affected Software 1

OpenVAS
added 2024/06/21 12:0 a.m. · 14 views

Fedora: Security Advisory (FEDORA-2024-bb55f8476a)

The remote host is missing an update for the...

8.8 CVSS · 8.8 AI score · 0.03255 EPSS
Exploits 0 · References 6

OSV
added 2024/06/17 2:15 p.m. · 0 views

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...

8.4 CVSS · 6.1 AI score
Exploits 0 · References 1

Vulnrichment
added 2024/05/30 4:0 p.m. · 10 views

CVE-2024-5519 ItsourceCode Learning Management System Project In PHP login.php sql injection

A vulnerability classified as critical was found in ItsourceCode Learning Management System Project In PHP 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be initiated remotely. The exploit has...

7.5 CVSS · 7.6 AI score · 0.00851 EPSS
Exploits 1 · References 4

Prion
added 2024/03/10 12:15 p.m. · 18 views

Design/Logic Flaw

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secretcoder.sql. The manipulation leads to inclusion of sensitive information in source code. The attack can be launched...

2.6 CVSS · 6.6 AI score · 0.00639 EPSS
Exploits 0 · References 3

Vulnrichment
added 2024/03/10 11:31 a.m. · 7 views

CVE-2024-2355 keerti1924 Secret-Coder-PHP-Project secret_coder.sql inclusion of sensitive information in source code

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secretcoder.sql. The manipulation leads to inclusion of sensitive information in source code. The attack can be launched...

3.7 CVSS · 4.1 AI score · 0.00639 EPSS
Exploits 0 · References 3

CVE
added 2024/03/10 11:31 a.m. · 73 views

CVE-2024-2355

CVE-2024-2355 affects keerti1924 Secret-Coder-PHP-Project 1.0. The vulnerability involves an issue in an unknown functionality of the file /secret_coder.sql, where manipulation leads to inclusion of sensitive information in source code. Reported as exploitable remotely with rather high attack com...

3.7 CVSS · 4 AI score · 0.00639 EPSS
Exploits 0 · References 3

NVD
added 2024/03/07 10:15 p.m. · 11 views

CVE-2024-2266

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /login.php of the component Login Page. The manipulation of the argument emailcookie/passwordcookie leads to cross site scripting. The attac...

6.1 CVSS · 3.8 AI score · 0.00472 EPSS
Exploits 1 · References 3

OSV
added 2024/03/07 10:15 p.m. · 3 views

CVE-2024-2266

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /login.php of the component Login Page. The manipulation of the argument emailcookie/passwordcookie leads to cross site scripting. The attac...

6.1 CVSS · 3.8 AI score · 0.00472 EPSS
Exploits 1 · References 3

CVE
added 2024/03/07 9:31 p.m. · 79 views

CVE-2024-2266

CVE-2024-2266 affects keerti1924 Secret-Coder-PHP-Project 1.0, specifically the Login Page file /login.php. The vulnerability is caused by improper handling of the parameters emailcookie and passwordcookie, enabling remote cross-site scripting (XSS). Exploitation is possible remotely and the exp...

6.1 CVSS · 3.7 AI score · 0.00472 EPSS
Exploits 1 · References 3 · Affected Software 1

Vulnrichment
added 2024/03/07 9:31 p.m. · 14 views

CVE-2024-2266 keerti1924 Secret-Coder-PHP-Project Login Page login.php cross site scripting

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /login.php of the component Login Page. The manipulation of the argument emailcookie/passwordcookie leads to cross site scripting. The attac...

4 CVSS · 6.2 AI score · 0.00472 EPSS
Exploits 1 · References 3

Positive Technologies
added 2024/03/07 12:0 a.m. · 5 views

PT-2024-19523 · Unknown · Keerti1924 Secret-Coder-Php-Project

Name of the Vulnerable Software and Affected Versions: keerti1924 Secret-Coder-PHP-Project version 1.0 Description: A vulnerability has been found in the Login Page component, specifically in the file /login.php. The manipulation of the emailcookie and passwordcookie arguments leads to cross-site...

6.1 CVSS · 4.1 AI score · 0.00472 EPSS
Exploits 1 · References 6

Github Security Blog
added 2024/02/02 8:43 p.m. · 29 views

PHPMailer Shell command injection

PHPMailer before 1.7.4, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php. Impact Shell command injection, remotely exploitable if host application does not filter user data...

6.8 CVSS · 7.8 AI score · 0.02407 EPSS
Exploits 0 · References 8 · Affected Software 1

0day.today
added 2023/12/04 12:0 a.m. · 373 views

GaatiTrack Courier Management System 1.0 SQL Injection Vulnerability

Exploit Title: GaatiTrack Courier Management System v1.0 - SQL Injection Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.mayurik.com/ Software Link: https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php Version: v1.0 Teste...

9.8 CVSS · 7.4 AI score · 0.01092 EPSS
Exploits 3

Packet Storm
added 2023/04/26 12:0 a.m. · 410 views

Online Book Store 1.0 SQL Injection

Exploit Title: Online Book Store 1.0 - process.php SQL injection Google Dork: 4/26/2023 Exploit Author: Or4nG.M4n Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...

6.8 AI score
Exploits 0

SUSE CVE
added 2023/02/15 6:10 a.m. · 6 views

SUSE CVE-2007-5641

Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter to (1) certinfo/index.php, (2) emails/index.php, (3) events/index.php, (4) fax/index.php, (5) files/index.php, (6)...

6.8 CVSS · 7.9 AI score · 0.40255 EPSS
Exploits 1 · References 3

Packet Storm
added 2022/09/29 12:0 a.m. · 227 views

Online Examination System 1.0 Cross Site Scripting

Exploit Title: Online Examination System - Cross site scripting Reflected Google Dork: N/A Date: 2022-9-29 Exploit Author: yousef alraddadi - https://twitter.com/y0usef11 Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-examination/ Software Link:...

7.4 AI score
Exploits 0

Packet Storm
added 2022/03/14 12:0 a.m. · 284 views

Insurance Management System 1.0 SQL Injection

Title: Insurance Management System v1.0 SQLi Author: nu11secur1ty Date: 03.12.2022 Vendor: https://itsourcecode.com/free-projects/php-project/php-projects-source-code-free-downloads/ Software:...

7.4 AI score
Exploits 0

0day.today
added 2022/01/10 12:0 a.m. · 294 views

Online Railway Reservation System 1.0 - Admin Account Creation Vulnerability

Exploit Title: Online Railway Reservation System 1.0 - Admin Account Creation Unauthenticated Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...

0.9 AI score
Exploits 0