CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2024/11/14 6:15 p.m.•27 views

CVE-2024-50831

A SQL Injection was found in /admin/adminuser.php in kashipara E-learning Management System Project 1.0 via the username and password parameters...

7.2CVSS0.00205EPSS

NVD•added 2024/11/14 6:15 p.m.•7 views

CVE-2024-50827

A SQL Injection vulnerability was found in /admin/addsubject.php in kashipara E-learning Management System Project 1.0 via the subjectcode parameter...

7.2CVSS0.00195EPSS

OSV•added 2024/11/14 5:15 p.m.•0 views

CVE-2024-50833

A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters...

9.8CVSS5.8AI score0.00099EPSS

OSV•added 2024/11/14 2:15 p.m.•1 views

CVE-2024-50840

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the classname parameter...

5.4CVSS6AI score0.01351EPSS

Cvelist•added 2024/11/14 12:0 a.m.•10 views

CVE-2024-50829

A SQL Injection vulnerability was found in /admin/editsubject.php in kashipara E-learning Management System Project 1.0 via the unit parameter...

0.00102EPSS

Cvelist•added 2024/11/14 12:0 a.m.•12 views

CVE-2024-50837

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/adminuser.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username parameters...

0.00194EPSS

Cvelist•added 2024/11/14 12:0 a.m.•13 views

CVE-2024-50826

A SQL Injection vulnerability was found in /admin/addcontent.php in kashipara E-learning Management System Project 1.0 via the title and content parameters...

0.00144EPSS

CVE•added 2024/11/14 12:0 a.m.•60 views

CVE-2024-50837

CVE-2024-50837 pertains to the Kashipara E-learning Management System Project 1.0. It describes a stored XSS vulnerability in the /admin/admin_user.php endpoint where an attacker can inject scripts via the firstname and username parameters. The CVSS 3.1 base score is 5.4 (Medium) with network att...

5.4CVSS5.7AI score0.00194EPSS

Exploits1References1Affected Software1

NVD•added 2024/11/13 4:15 p.m.•11 views

CVE-2024-50970

A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.8CVSS0.00307EPSS

Exploits0References2

Packet Storm•added 2024/08/26 12:0 a.m.•207 views

DETS Project 1.0 SQL Injection

============================================================================================================================================= | Title : DETS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

Packet Storm•added 2024/08/26 12:0 a.m.•204 views

Employee Record Management System 1.0 SQL Injection

============================================================================================================================================= | Title : ERMS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

Packet Storm•added 2024/08/23 12:0 a.m.•215 views

CCMS Project 1.0 SQL Injection

============================================================================================================================================= | Title : CCMS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

Packet Storm•added 2024/08/22 12:0 a.m.•227 views

AVMS Project 1.0 SQL Injection

============================================================================================================================================= | Title : AVMS Project 1.0 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

CVE•added 2024/03/10 11:31 a.m.•63 views

CVE-2024-2355

CVE-2024-2355 affects keerti1924 Secret-Coder-PHP-Project 1.0. The vulnerability involves an issue in an unknown functionality of the file /secret_coder.sql, where manipulation leads to inclusion of sensitive information in source code. Reported as exploitable remotely with rather high attack com...

3.7CVSS4AI score0.00109EPSS

Exploits0References3

NVD•added 2024/03/07 10:15 p.m.•8 views

CVE-2024-2266

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file /login.php of the component Login Page. The manipulation of the argument emailcookie/passwordcookie leads to cross site scripting. The attac...

6.1CVSS3.8AI score0.00069EPSS

Exploits1References3

Packet Storm•added 2023/06/16 12:0 a.m.•328 views

Online Art Gallery Project 1.0 Arbitrary File Upload

Exploit Title: Online Art gallery project 1.0 - Arbitrary File Upload Unauthenticated Google Dork: n/a Date: 14/06/2023 Exploit Author: Ramil Mustafayev Vendor Homepage: https://github.com/projectworldsofficial Software Link: https://github.com/projectworlds32/Art-Gallary-php/archive/master.zip...

7.1AI score