465 matches found
CVE-2020-28070
SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in viewevent.php via the 'id' parameter...
SourceCodester Online Bus Booking System SQL Injection Vulnerability
SourceCodester Online Bus Booking System is an online bus booking system by an individual developer. The system helps bus companies manage the booking and ticketing process. A SQL injection vulnerability exists in Online Bus Booking System Project Using PHP/MySQL version 1.0, which can be exploit...
CVE-2020-28133
An issue was discovered in SourceCodester Simple Grocery Store Sales And Inventory System 1.0. There was authentication bypass in web login functionality allows an attacker to gain client privileges via SQL injection in salesinventory/login.php...
CVE-2020-27956
An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=managecar because .php files can be uploaded to admin/assets/uploads/ under the web root...
School Event Management System 1.0 - Arbitrary File Upload
Exploit Title: School Event Management System 1.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/sems1.zip Version: 1.0...