1593 matches found
CVE-2023-7179 Campcodes Online College Library System HTTP POST Request category_row.php sql injection
A vulnerability, which was classified as critical, was found in Campcodes Online College Library System 1.0. Affected is an unknown function of the file /admin/categoryrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to...
CVE-2023-7177
A vulnerability classified as critical was found in Campcodes Online College Library System 1.0. This vulnerability affects unknown code of the file /admin/bookadd.php of the component HTTP POST Request Handler. The manipulation of the argument category leads to sql injection. The attack can be...
CVE-2023-7176
A vulnerability classified as critical has been found in Campcodes Online College Library System 1.0. This affects an unknown part of the file /admin/returnadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injection. It is possible to initia...
CVE-2023-7177
The CVE-2023-7177 entry affects Campcodes Online College Library System 1.0, specifically the HTTP POST Request Handler at /admin/book_add.php. All connected documents consistently identify a SQL injection vulnerability caused by unsafely handling the category argument, enabling remote exploitati...
CVE-2023-7175
A vulnerability was found in Campcodes Online College Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/borrowadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injectio...
Sql injection
A vulnerability was found in Campcodes Online College Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/borrowadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injectio...
PT-2023-32924 · Unknown · Campcodes Online College Library System
Name of the Vulnerable Software and Affected Versions: Campcodes Online College Library System version 1.0 Description: A critical issue affects the processing of the file /admin/book row.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to SQL injection. T...
CVE-2023-7166
Novel-Plus up to 4.2.0 contains a cross-site scripting vulnerability in the HTTP POST handler at /user/updateUserInfo via the nickName parameter. The issue can be triggered remotely, and the exploit has been disclosed publicly. A patch is identified by c62da9bb3a9b3603014d0edb436146512631100d, an...
CVE-2023-7145
A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...
CVE-2023-7145
A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...
CVE-2023-7146
A vulnerability, which was classified as critical, has been found in gopeak MasterLab up to 3.3.10. This issue affects the function sqlInjectDelete of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument phone leads to sql injection...
Sql injection
A vulnerability, which was classified as critical, has been found in gopeak MasterLab up to 3.3.10. This issue affects the function sqlInjectDelete of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument phone leads to sql injection...
Sql injection
A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...
CVE-2023-7146 gopeak MasterLab HTTP POST Request Feature.php sqlInjectDelete sql injection
A vulnerability, which was classified as critical, has been found in gopeak MasterLab up to 3.3.10. This issue affects the function sqlInjectDelete of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument phone leads to sql injection...
CVE-2023-7145 gopeak MasterLab HTTP POST Request Framework.php sqlInject sql injection
A vulnerability classified as critical was found in gopeak MasterLab up to 3.3.10. This vulnerability affects the function sqlInject of the file app/ctrl/Framework.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...
CVE-2023-7144
A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10. This affects the function sqlInject of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...
CVE-2023-7144
A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10. This affects the function sqlInject of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...
Sql injection
A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10. This affects the function sqlInject of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...
CVE-2023-7144 gopeak MasterLab HTTP POST Request Feature.php sqlInject sql injection
A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10. This affects the function sqlInject of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...
CVE-2023-7144
The CVE-2023-7144 entry concerns gopeak MasterLab versions up to 3.3.10, specifically the HTTP POST Request Handler’s component and the sqlInject function in app/ctrl/framework/Feature.php. The vulnerability arises from improper handling of the pwd argument, enabling SQL injection. Public exploit...