542 matches found
CVE-2024-1702 keerti1924 PHP-MYSQL-User-Login-System edit.php sql injection
A vulnerability was found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /edit.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the publi...
CVE-2024-1701
A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been...
CVE-2024-1701
A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been...
CVE-2024-1701 keerti1924 PHP-MYSQL-User-Login-System edit.php access control
A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been...
CVE-2024-1701 keerti1924 PHP-MYSQL-User-Login-System edit.php access control
A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been...
CVE-2024-1700 keerti1924 PHP-MYSQL-User-Login-System signup.php cross site scripting
A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument username with the input alert"xss" leads to cross site scripting. It is possible to launch the...
CVE-2024-1700 keerti1924 PHP-MYSQL-User-Login-System signup.php cross site scripting
A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument username with the input alert"xss" leads to cross site scripting. It is possible to launch the...
PT-2024-18235 · Unknown · Keerti1924 Php-Mysql-User-Login-System
Name of the Vulnerable Software and Affected Versions: keerti1924 PHP-MYSQL-User-Login-System version 1.0 Description: A critical issue was found in the keerti1924 PHP-MYSQL-User-Login-System, affecting some unknown functionality of the file /edit.php. This issue leads to sql injection and can be...
S-CMS SQL Injection Vulnerability
S-CMS is a PHP and MySQL based Content Management System CMS from S-CMS China. A SQL injection vulnerability exists in S-CMS version 2.0build20220529-20231006 and earlier versions, which stems from a problem with an unknown function in member/reg.php...
CVE-2023-46745 Rate limiting Bypass on login page in libreNMS
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions the login method has no rate limit. An attacker may be able to leverage this vulnerability to gain access to user account...
Engineers Online Portal SQL Injection Vulnerability
Engineers Online Portal is open source an online portal . It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from manipulation of the id parameter that...
Engineers Online Portal SQL Injection Vulnerability
Engineers Online Portal is open source an online portal . It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from manipulation of the id parameter that...
CVE-2023-41594
Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters...
CVE-2023-39518 social-media-skeleton stored Cross-site Scripting vulnerability
social-media-skeleton is an uncompleted social media project implemented using PHP, MySQL, CSS, JavaScript, and HTML. Versions 1.0.0 until 1.0.3 have a stored cross-site scripting vulnerability. The problem is patched in v1.0.3...
Online Examination System Project 1.0 - Cross-site request forgery (CSRF)
Exploit Title: Online Examination System Project 1.0 - Cross-site request forgery CSRF Google Dork: n/a Date: 09/06/2023 Exploit Author: Ramil Mustafayev kryptohaker Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php Software Link:...
notrinoserp SQL注入漏洞
notrinoserp is a web-based ERP by Phương Individual Developer, an accounting system written in PHP and MySql. A SQL injection vulnerability exists in notrinoserp version 0.7, which originates from the OrderNumber parameter in /NotrinosERP/sales/customerdelivery.php contains a SQL injection...
phpwcms directory traversal vulnerability
phpwcms is an open source web content management system. It is fast, easy to install and can run on any standard web server platform that supports PHP/MySQL. A directory traversal vulnerability exists in phpwcms version 1.9.25. A remote attacker can exploit this vulnerability to delete arbitrary...
phpwcms sql injection vulnerability
phpwcms is a website management system that follows the GNU open source protocol and utilizes PHP+MYSQL architecture for development. A SQL injection vulnerability exists in versions of Phpwcms before 1.9.26. An attacker can exploit this vulnerability to perform SQL injection and steal data, etc...
S-CMS 跨站脚本漏洞
S-CMS is a PHP and MySQL based Content Management System CMS from S-CMS China. A security vulnerability exists in S-CMS version 5.0 Build 20220328. An attacker can exploit the vulnerability to perform cross-site scripting attacks...
Bluecms has an unspecified vulnerability (CNVD-2022-59211)
BlueCMS is a content management system CMS based on PHP and MySQL. a security vulnerability exists in BlueCMS version 1.6, which stems from an SQL injection in line 132 of admin/area.php. No details of the vulnerability are currently available...