1593 matches found
CVE-2023-2344
A vulnerability has been found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=saveservice of the component HTTP POST Request Handler. The manipulation of the argument...
Sql injection
A vulnerability has been found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=saveservice of the component HTTP POST Request Handler. The manipulation of the argument...
CVE-2023-2058
A vulnerability was found in EyouCms up to 1.6.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /yxcms/index.php?r=admin/extendfield/mesedit&tabid=12&id=4 of the component HTTP POST Request Handler. The manipulation of the argument...
CVE-2023-2058
A vulnerability was found in EyouCms up to 1.6.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /yxcms/index.php?r=admin/extendfield/mesedit&tabid=12&id=4 of the component HTTP POST Request Handler. The manipulation of the argument...
The vulnerability of the client request handler of the secure access control system used in IED RUGGEDCOM CROSSBOW allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the client request handler of the Siemens RUGGEDCOM CROSSBOW access control system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the client request handler of the security access control system, IED Siemens RUGGEDCOM CROSSBOW, allows a perpetrator to perform arbitrary actions.
The vulnerability of the client request handler of the Siemens RUGGEDCOM CROSSBOW access control system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions remotely...
CVE-2023-1432
A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /fos/admin/ajax.php?action=savesettings of the component POST Request Handler. The manipulation leads to improper access control...
PT-2023-16979 · Sourcecodester · Sourcecodester Online Food Ordering System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Food Ordering System version 2.0 Description: A critical issue was found in the system, affecting some unknown functionality of the file "/fos/admin/ajax.php?action=save settings" of the component POST Request Handler...
CVE-2023-0963
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file Users.php of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The...
CVE-2023-0962
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file Master.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated...
Sql injection
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file Master.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated...
Sql injection
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. This affects an unknown part of the file viewmusicdetails.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the...
CVE-2023-0963 SourceCodester Music Gallery Site POST Request Users.php access control
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file Users.php of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The...
CVE-2023-0962
The CVE-2023-0962 entry corresponds to a SQL injection in SourceCodester Music Gallery Site 1.0, occurring in Master.php under the GET Request Handler. The vulnerability arises from unsafely handling the id parameter, enabling remote exploitation. Exploitation is reported publicly (exploit-db ref...
Sql injection
A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file musiclist.php of the component GET Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate the attack remotely...
CVE-2023-0938 SourceCodester Music Gallery Site GET Request music_list.php sql injection
A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file musiclist.php of the component GET Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate the attack remotely...
Denial of service vulnerability when parsing multipart request body
Summary The request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. Details The multipart body parser processes an unlimited number of file parts. The multipart body parser processes an unlimited number of field parts. Impact...
Design/Logic Flaw
Starlite is an Asynchronous Server Gateway Interface ASGI framework. Prior to version 1.5.2, the request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited number of file parts and ...
PYSEC-2023-49
Starlite is an Asynchronous Server Gateway Interface ASGI framework. Prior to version 1.5.2, the request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited number of file parts and ...
SUSE CVE-2014-2739
The cmareqhandler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet aka RoCE address that is properly resolved within a different module, which allows remote attackers to cause a denial of service incorrect...