CVE-2023-2293

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been classified as problematic. This affects an unknown part of the file classes/Master.php?f=saveitem. The manipulation of the argument description with the input leads to cross site scripting. It is possibl...

CVE-2024-35356

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=saveitem. Manipulating the argument id can result in SQL injection...

PT-2023-25699 · Sourcecodester · Sourcecodester Lost/Found Information System

Name of the Vulnerable Software and Affected Versions: SourceCodester Lost and Found Information System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Lost and Found Information System. This issue affects the component HTTP POST Request Handler, specificall...

PT-2023-18773 · Sourcecodester · Sourcecodester Purchase Order Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Purchase Order Management System version 1.0 Description: A problematic issue has been found in the system, affecting an unknown part of the file classes/Master.php?f=save item. The manipulation of the description argument with...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in CMSLogik 1.2.0 and 1.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 adminemail, 2 headertitle, 3 sitetitle parameter to admin/settings; 4 recaptchaprivate or 5 recaptchapublic parameter to admin/captchasettings; 6...