177 matches found
Sql injection
Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=...
CVE-2022-47790
Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=...
CVE-2022-47790
Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=...
PT-2023-15486 · Sourcecodester · Sourcecodester Dynamic Transaction Queuing System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Dynamic Transaction Queuing System version 1.0 Description: The issue concerns SQL Injection, which can be exploited via the /queuing/index.php?page=display&id= endpoint. The id parameter is vulnerable to SQL injection attacks...
CVE-2022-47790
Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=. The root cause is an injection flaw in the id parameter of that endpoint. Impact per CVSS indicates high confidentiality, integrity, and availability with a total score o...
CVE-2022-45275
An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-45275
An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
Privilege escalation
An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
PT-2022-27454 · Unknown · Dynamic Transaction Queuing System
Name of the Vulnerable Software and Affected Versions: Dynamic Transaction Queuing System version 1.0 Description: The issue is related to an arbitrary file upload vulnerability in the "/queuing/admin/ajax.php?action=save settings" API endpoint. This vulnerability allows attackers to execute...
CVE-2022-45275
An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-45275
An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-45275
CVE-2022-45275 affects Dynamic Transaction Queuing System (DTQS) v1.0. The issue is an arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=save_settings that enables an attacker to execute arbitrary PHP code via a crafted file. Root cause appears to be improper handling/validati...
Dynamic Transaction Queuing System 代码问题漏洞
Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0, which originates from an arbitrary file upload vulnerability in...
CVE-2022-3581
A vulnerability, which was classified as problematic, was found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the component Cashiers Tab. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2022-3580
A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. This issue affects some unknown processing of the component User Creation Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2022-3580
A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. This issue affects some unknown processing of the component User Creation Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2022-3581
A vulnerability, which was classified as problematic, was found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the component Cashiers Tab. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2022-3579
A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0. This vulnerability affects unknown code of the file /queuing/login.php of the component Login Page. The manipulation of the argument username/password leads to sql injection. The attack can be initiated...
CVE-2022-3579
A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0. This vulnerability affects unknown code of the file /queuing/login.php of the component Login Page. The manipulation of the argument username/password leads to sql injection. The attack can be initiated...
CVE-2022-3580
A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. This issue affects some unknown processing of the component User Creation Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...