CVE-2024-10349

A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as critical. Affected by this issue is the function deletetenant of the file /ajax.php?action=deletetenant. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-10337

A vulnerability classified as critical has been found in SourceCodeHero Clothes Recommendation System 1.0. Affected is an unknown function of the file /admin/home.php?con=add. The manipulation of the argument cat/subcat/ t1/t2/text leads to sql injection. It is possible to launch the attack...

CVE-2024-10195

A vulnerability was found in Tecno 4G Portable WiFi TR118 V008-20220830. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/goformgetcmdprocess of the component SMS Check. The manipulation of the argument orderby leads to sql injection...

CVE-2024-10133

A vulnerability has been found in ESAFENET CDG 5 and classified as critical. Affected by this vulnerability is the function updateNetSecPolicyPriority of the file /com/esafenet/servlet/ajax/NetSecPolicyAjax.java. The manipulation of the argument id/frontId leads to sql injection. The attack can b...

CVE-2024-9974

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=addtocard of the component POST Request Handler. The manipulation of the argument productid leads to s...

CVE-2024-9317

The CVE-2024-9317 affects SourceCodester Online Eyewear Shop 1.0, specifically the function delete_category in /classes/Master.php?f=delete_category. The vulnerability is an SQL injection triggered by manipulating the id argument, allowing remote exploitation. The public disclosure is noted in th...

CVE-2024-9085

A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument date leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2024-8762

CVE-2024-8762 affects code-projects Crud Operation System 1.0. The vulnerability is an SQL injection in the /updatedata.php file caused by unsafe handling of the sid parameter, exploitable remotely. Multiple sources corroborate that the impact can compromise confidentiality, integrity, and availa...

ROS-20240911-18

A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...

CVE-2024-8564

A vulnerability was found in SourceCodester PHP CRUD 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update.php. The manipulation of the argument tblpersonid/firstname/middlename/lastname leads to sql injection. The attack can be initiated...

CVE-2024-8561

CVE-2024-8561 affects SourceCodester PHP CRUD 1.0, specifically the Delete Person Handler in /endpoint/delete.php. The vulnerability arises from manipulating the person parameter, leading to SQL injection that can be exploited remotely. The connected sources confirm the affected component and att...

CVE-2024-8416

SourceCodester Food Ordering Management System 1.0 contains a SQL injection in /routers/ticket-status.php via the ticket_id parameter. The vulnerability is exploitable remotely and has been disclosed publicly. Root cause: improper handling of the ticket_id input leading to SQL injection. Impact r...

Huachu Digital Easytest Online Test Platform 安全漏洞

Huachu Digital Easytest Online Test Platform is an online test platform from Huachu Digital. A security vulnerability exists in Huachu Digital Easytest Online Test Platform version 24E01 and prior versions, which originates from allowing remote authenticated users to execute arbitrary SQL command...

Huachu Digital Easytest Online Test Platform 安全漏洞

Huachu Digital Easytest Online Test Platform is an online test platform from Huachu Digital. A security vulnerability exists in Huachu Digital Easytest Online Test Platform version 24E01 and earlier, which stems from improper handling of the uid parameter and could allow a remote attacker to...

CVE-2024-8301

A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax/checkin.php. The manipulation of the argument username leads to sql injection. The attack can b...

CVE-2024-8147

The CVE-2024-8147 entry concerns the code-projects Pharmacy Management System version 1.0. The vulnerability arises in the handling of the parameter id in the endpoint "/index.php?action=editPharmacist", where unsanitized input leads to SQL injection . This can be exploited remotely and is classi...

CVE-2024-8146

A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-7810

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /tracking/admin/viewitprofile.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

PT-2024-38365 · Unknown · Tailoring Management System

Name of the Vulnerable Software and Affected Versions: Tailoring Management System version 1.0 Description: A critical issue was found in the Tailoring Management System, affecting an unknown part of the file partedit.php. The manipulation of the id argument leads to SQL injection. It is possible...

Horizon Business Services Caterease 安全漏洞

Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from improper neutralization of the u...