Lucene search
K

177 matches found

Prion
Prion
added 2023/01/09 5:15 p.m.12 views

Sql injection

Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=...

7.5CVSS9.8AI score0.00752EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/09 12:0 a.m.6 views

CVE-2022-47790

Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=...

9.9AI score0.00752EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/01/09 12:0 a.m.16 views

CVE-2022-47790

Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=...

10AI score0.00752EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/01/09 12:0 a.m.4 views

PT-2023-15486 · Sourcecodester · Sourcecodester Dynamic Transaction Queuing System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Dynamic Transaction Queuing System version 1.0 Description: The issue concerns SQL Injection, which can be exploited via the /queuing/index.php?page=display&id= endpoint. The id parameter is vulnerable to SQL injection attacks...

9.8CVSS9.6AI score0.00752EPSS
Exploits1References3
CVE
CVE
added 2023/01/09 12:0 a.m.60 views

CVE-2022-47790

Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=. The root cause is an injection flaw in the id parameter of that endpoint. Impact per CVSS indicates high confidentiality, integrity, and availability with a total score o...

9.8CVSS9.7AI score0.00752EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/12/12 8:15 p.m.4 views

CVE-2022-45275

An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS6.1AI score0.15323EPSS
Exploits1References1
NVD
NVD
added 2022/12/12 8:15 p.m.15 views

CVE-2022-45275

An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS0.15323EPSS
Exploits1References1
Prion
Prion
added 2022/12/12 8:15 p.m.13 views

Privilege escalation

An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

5.8CVSS7.3AI score0.15323EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.4 views

PT-2022-27454 · Unknown · Dynamic Transaction Queuing System

Name of the Vulnerable Software and Affected Versions: Dynamic Transaction Queuing System version 1.0 Description: The issue is related to an arbitrary file upload vulnerability in the "/queuing/admin/ajax.php?action=save settings" API endpoint. This vulnerability allows attackers to execute...

7.2CVSS7.2AI score0.15323EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/12/12 12:0 a.m.7 views

CVE-2022-45275

An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

7.3AI score0.15323EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/12/12 12:0 a.m.24 views

CVE-2022-45275

An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

7.5AI score0.15323EPSS
Exploits1References1
CVE
CVE
added 2022/12/12 12:0 a.m.69 views

CVE-2022-45275

CVE-2022-45275 affects Dynamic Transaction Queuing System (DTQS) v1.0. The issue is an arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=save_settings that enables an attacker to execute arbitrary PHP code via a crafted file. Root cause appears to be improper handling/validati...

7.2CVSS7.3AI score0.15323EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.4 views

Dynamic Transaction Queuing System 代码问题漏洞

Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0, which originates from an arbitrary file upload vulnerability in...

7.2CVSS7.6AI score0.15323EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/10/18 11:15 a.m.3 views

CVE-2022-3581

A vulnerability, which was classified as problematic, was found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the component Cashiers Tab. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The...

6.1CVSS4.4AI score0.00335EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/10/18 11:15 a.m.2 views

CVE-2022-3580

A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. This issue affects some unknown processing of the component User Creation Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...

6.1CVSS4.3AI score0.00335EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/10/18 11:15 a.m.4 views

CVE-2022-3580

A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. This issue affects some unknown processing of the component User Creation Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...

6.1CVSS3.9AI score0.00335EPSS
Exploits0References1
OSV
OSV
added 2022/10/18 11:15 a.m.4 views

CVE-2022-3581

A vulnerability, which was classified as problematic, was found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the component Cashiers Tab. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The...

6.1CVSS4AI score0.00335EPSS
Exploits0References1
NVD
NVD
added 2022/10/18 11:15 a.m.18 views

CVE-2022-3579

A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0. This vulnerability affects unknown code of the file /queuing/login.php of the component Login Page. The manipulation of the argument username/password leads to sql injection. The attack can be initiated...

9.8CVSS0.00649EPSS
Exploits1References2
OSV
OSV
added 2022/10/18 11:15 a.m.5 views

CVE-2022-3579

A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0. This vulnerability affects unknown code of the file /queuing/login.php of the component Login Page. The manipulation of the argument username/password leads to sql injection. The attack can be initiated...

9.8CVSS5.7AI score
Exploits0References2
NVD
NVD
added 2022/10/18 11:15 a.m.21 views

CVE-2022-3580

A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. This issue affects some unknown processing of the component User Creation Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...

6.1CVSS0.00335EPSS
Exploits0References1
Rows per page
Query Builder