EUVD-2026-13380

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 8.9.3, the RecordHandler::getRecord method retrieves any record by module and ID without checking the current user's ACL view permission. The companion saveRecord method...

CVE-2024-6802

A vulnerability, which was classified as critical, was found in SourceCodester Computer Laboratory Management System 1.0. Affected is an unknown function of the file /lms/classes/Master.php?f=saverecord. The manipulation of the argument id leads to sql injection. It is possible to launch the atta...

PT-2024-37873 · Sourcecodester · Sourcecodester Computer Laboratory Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Laboratory Management System version 1.0 Description: A critical issue was found in the SourceCodester Computer Laboratory Management System. The problem is related to an unknown function of the file...

CVE-2024-31544

A stored cross-site scripting XSS vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrowername”, “facultydepartment” parameters in /classes/Master.php?f=saverecord...

CVE-2024-31544

A stored cross-site scripting XSS vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrowername”, “facultydepartment” parameters in /classes/Master.php?f=saverecord...

CVE-2024-31544

CVE-2024-31544 applies to the Computer Laboratory Management System v1.0. The vulnerability is a stored cross-site scripting (XSS) flaw that allows an attacker to inject arbitrary JavaScript through the fields “remarks”, “borrower_name” and “faculty_department” in the API endpoint /classes/Master...