3966 matches found
CVE-2024-7320
CVE-2024-7320 affects itsourcecode Online Blood Bank Management System 1.0, targeting the Admin Login component (/admin/index.php). A SQL injection flaw is triggered by manipulating the user parameter, with remote exploitation possible and public disclosure of exploits. Impact is described as hig...
CVE-2024-7220
A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/printbarcode.php. The manipulation of the argument tbl results in sql injection. It is possible to launch the attack remotely. The exploi...
CVE-2024-7190
A vulnerability classified as critical was found in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/getprice.php. The manipulation of the argument expensesid leads to sql injection. The attack can be launched remotely. The...
CVE-2024-7190
The CVE-2024-7190 entry affects itsourcecode Society Management System 1.0, specifically the /admin/get_price.php endpoint where manipulating the expenses_id parameter enables SQL injection. The vulnerability is described as remote-exploitable with a publicly disclosed exploit; assessed severitie...
CVE-2024-7168
A vulnerability was found in SourceCodester School Fees Payment System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /manageuser.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit...
CVE-2024-7167
A vulnerability was found in SourceCodester School Fees Payment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /managecourse.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely...
CVE-2024-7116
A vulnerability was found in MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911. It has been rated as critical. This issue affects some unknown processing of the file /branchviewmore.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotel...
CVE-2024-6952
CVE-2024-6952 affects itsourcecode University Management System 1.0. The vulnerability is in the file /view_single_result.php?vr=123321&vn=mirage, where manipulation of the seme argument leads to SQL injection. Reports indicate the issue is exploitable remotely and the exploit has been disclosed ...
CVE-2024-6808
A vulnerability was found in itsourcecode Simple Task List 1.0. It has been classified as critical. This affects the function insertUserRecord of the file signUp.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2024-6735
Summary: CVE-2024-6735 affects itsourcecode Tailoring Management System 1.0. The vulnerability resides in the file setgeneral.php, where manipulating the parameters sitename, email, mobile, sms, or currency can trigger SQL injection. Exploitation appears remote and has been publicized. Technical ...
PT-2024-5296
Name of the Vulnerable Software and Affected Versions Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below Description The issue is related to the monitoring module of Zohocorp ManageEngine Exchange Reporter Plus, where the software fails to properly protect the SQL query structur...
CVE-2024-6734
CVE-2024-6734 : A SQL injection flaw exists in itsourcecode Tailoring Management System 1.0, originating in the templateadd.php file. The vulnerability is triggered by manipulating the title/msg parameters, enabling remote attackers to execute arbitrary SQL. Exploitation is feasible remotely and ...
CVE-2024-37871
SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the email parameter...
CVE-2024-6419
CVE-2024-6419 describes a SQL injection in SourceCodester Medicine Tracker System 1.0, affecting unknown code path /classes/Master.php?f=save_medicine where the id parameter is manipulated to exploit the vulnerability. It is remotely exploitable and has been publicly disclosed. Multiple connected...
CVE-2024-6016
A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry Management System 1.0. Affected by this issue is some unknown functionality of the file adminclass.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...
CVE-2024-6009
CVE-2024-6009 affects itsourcecode Event Calendar 1.0. The vulnerability resides in regConfirm/regDelete in process.php, where manipulating the userId parameter enables SQL injection. Exploitation is remote and the vulnerability has been publicly disclosed. Mitigations documented in connected sou...
CVE-2024-5983
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file bookPerPub.php. The manipulation of the argument pubid leads to sql injection. The attack can be launched remotely. The exploit...
CVE-2024-5774
A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack c...
CVE-2024-5772
CVE-2024-5772 affects Netentsec NS-ASG Application Security Gateway 6.3. The vulnerability arises from handling of the messagecontent parameter in /protocol/iscuser/deleteiscuser.php, where improper input handling allows SQL injection. Impact is described as high confidentiality, integrity, and a...
CVE-2024-5589
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /admin/configMT.php?action=delete. The manipulation of the argument Mid leads to sql injection. It is possible to initiate the attack...