CVE-2024-0264 SourceCodester Clinic Queuing System LoginRegistration.php authorization

A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /LoginRegistration.php. The manipulation of the argument formToken leads to authorization bypass. The attack can be initiated remotely. The...

Clinic Queuing System Security Vulnerability

Clinic Queuing System is a clinic queuing system by the individual developer Carlo Montero. A security vulnerability exists in Clinic Queuing System version 1.0, which stems from the index.php in the component GET Parameter Handler, which contains some unknown processing that leads to file...

Clinic Queuing System Security Vulnerability

Clinic Queuing System is a clinic queuing system by the individual developer Carlo Montero. A security vulnerability exists in Clinic Queuing System version 1.0, which stems from an authorization bypass due to misuse of the parameter formToken...

PT-2024-15425 · Sourcecodester · Sourcecodester Clinic Queuing System

Name of the Vulnerable Software and Affected Versions: SourceCodester Clinic Queuing System version 1.0 Description: A critical issue affects the processing of the file /index.php, specifically the component GET Parameter Handler. The manipulation of the page argument leads to file inclusion. Thi...

PT-2024-15424 · Sourcecodester · Sourcecodester Clinic Queuing System

Name of the Vulnerable Software and Affected Versions: SourceCodester Clinic Queuing System version 1.0 Description: A critical issue has been found in the SourceCodester Clinic Queuing System, affecting the /LoginRegistration.php file. The manipulation of the formToken argument leads to...

Exploit for Authorization Bypass Through User-Controlled Key in Oretnom23 Clinic_Queuing_System

ClinicQueueingSystem RCE Proof-of-Concept This exploit code ch...

CVE-2023-26856

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login...

CVE-2023-26856

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login...

CVE-2023-26857

An arbitrary file upload vulnerability in /admin/ajax.php?action=saveuploads of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

Sql injection

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login...

Design/Logic Flaw

An arbitrary file upload vulnerability in /admin/ajax.php?action=saveuploads of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2023-26856

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login...

CVE-2023-26857

An arbitrary file upload vulnerability in /admin/ajax.php?action=saveuploads of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2023-26857

An arbitrary file upload vulnerability in /admin/ajax.php?action=saveuploads of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2023-26856

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login...

Dynamic Transaction Queuing System 代码问题漏洞

Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero's personal developer. A security vulnerability exists in the v1.0 version of Dynamic Transaction Queuing System, which stems from an arbitrary file upload issue in...

PT-2023-20827 · Unknown · Dynamic Transaction Queuing System

Name of the Vulnerable Software and Affected Versions: Dynamic Transaction Queuing System version 1.0 Description: The issue concerns an arbitrary file upload vulnerability. It affects the "/admin/ajax.php?action=save uploads" API endpoint, allowing attackers to execute arbitrary code via a craft...

CVE-2023-26856

The CVE-2023-26856 entry concerns Dynamic Transaction Queuing System v1.0, which contains a SQL injection in the login flow. Specifically, the vulnerability is exposed via the name parameter at /admin/ajax.php?action=login, enabling untrusted input to alter queries. The vulnerability is rooted in...

CVE-2022-46954

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=deletetransaction...

CVE-2022-46953

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=savewindow...