110 matches found
PT-2024-38486 · Unknown · Projectsend
Name of the Vulnerable Software and Affected Versions: ProjectSend versions up to r1605 Description: A vulnerability has been found in ProjectSend, affecting the get preview function of the process.php file. This issue leads to improper control of resource identifiers and can be initiated remotel...
CVE-2024-37872
SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter...
PT-2024-27801 · Unknown · Itsourcecode Billing System
Name of the Vulnerable Software and Affected Versions: Itsourcecode Billing System version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the username parameter in the "process.php" file. Recommendations: For Itsourcecode Billing System...
CVE-2024-6009
A vulnerability has been found in itsourcecode Event Calendar 1.0 and classified as critical. Affected by this vulnerability is the function regConfirm/regDelete of the file process.php. The manipulation of the argument userId leads to sql injection. The attack can be launched remotely. The explo...
CVE-2024-6009
CVE-2024-6009 affects itsourcecode Event Calendar 1.0. The vulnerability resides in regConfirm/regDelete in process.php, where manipulating the userId parameter enables SQL injection. Exploitation is remote and the vulnerability has been publicly disclosed. Mitigations documented in connected sou...
PT-2024-37312 · Itsourcecode · Itsourcecode Event Calendar
Name of the Vulnerable Software and Affected Versions: itsourcecode Event Calendar version 1.0 Description: A critical issue has been found in the function regConfirm/regDelete of the file process.php. The manipulation of the userId argument leads to SQL injection. The attack can be launched...
Billing System security breach
Billing System is a billing system by angel jude suarez personal developer. A security vulnerability exists in Billing System version 1.0. An attacker can exploit this vulnerability to execute arbitrary code in process.php via the username parameter...
CVE-2024-37849
A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to execute arbitrary code in process.php via the username parameter...
CVE-2024-3524 Campcodes Online Event Management System process.php cross site scripting
A vulnerability, which was classified as problematic, has been found in Campcodes Online Event Management System 1.0. This issue affects some unknown processing of the file /views/process.php. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotel...
CVE-2024-3524 Campcodes Online Event Management System process.php cross site scripting
A vulnerability, which was classified as problematic, has been found in Campcodes Online Event Management System 1.0. This issue affects some unknown processing of the file /views/process.php. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotel...
BizPrint < 4.5.6 - Cross-Site Request Forgery to Cross-Site Scripting via process.php
Description The BizPrint plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.5. This is due to missing or incorrect nonce validation in the process.php file. This makes it possible for unauthenticated attackers to generate invoices containing...
Online Book Store 1.0 SQL Injection
Exploit Title: Online Book Store 1.0 - process.php SQL injection Google Dork: 4/26/2023 Exploit Author: Or4nG.M4n Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...
CVE-2017-20178 Codiad process.php saveJSON information disclosure
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Codiad 2.8.0. It has been rated as problematic. Affected by this issue is the function saveJSON of the file components/install/process.php. The manipulation of the argument data leads to information disclosure. The attack may be launched...
CVE-2022-24992
A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal...
Directory traversal
A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal...
Sql injection
Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php...
CVE-2022-32056
CVE-2022-32056 affects Online Accreditation Management v1.0. A SQL injection vulnerability exists in the USERNAME parameter of process.php. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base 9.8; high/critical impact; network access, no auth required). Root cause is SQL injection in input handlin...
CVE-2022-32056
Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php...
Online Accreditation Management SQL注入漏洞
Online Accreditation Management is an online accreditation management system from the individual developer Adones Evangelista. A security vulnerability exists in Online Accreditation Management v1.0, which originates from an SQL injection vulnerability discovered via the USERNAME parameter in...
CVE-2017-20101
A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zipdownload. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely...