CVE-2024-10336 SourceCodeHero Clothes Recommendation System Admin Login Page index.php sql injection

A vulnerability was found in SourceCodeHero Clothes Recommendation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php of the component Admin Login Page. The manipulation of the argument t1 leads to sql injection. The attack may be...

CVE-2024-10336 SourceCodeHero Clothes Recommendation System Admin Login Page index.php sql injection

A vulnerability was found in SourceCodeHero Clothes Recommendation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php of the component Admin Login Page. The manipulation of the argument t1 leads to sql injection. The attack may be...

CVE-2024-10336

CVE-2024-10336 affects SourceCodeHero Clothes Recommendation System 1.0. The vulnerability is a SQL injection in the Admin Login Page, specifically via the t1 parameter in the file /admin/index.php. Root cause: improper handling of user input leading to injection of SQL statements. Impact, as sta...

SourceCodeHero Clothes Recommendation System 安全漏洞

SourceCodeHero Clothes Recommendation System is an open source clothing recommendation system from SourceCodeHero. A security vulnerability exists in SourceCodeHero Clothes Recommendation System version 1.0, which originates from the parameter cat/subcat/t1/t2/text in the file...

SourceCodeHero Clothes Recommendation System SQL注入漏洞

SourceCodeHero Clothes Recommendation System is a SourceCodeHero open source clothing recommendation system. SourceCodeHero Clothes Recommendation System version 1.0 suffers from a SQL injection vulnerability, which originates from the parameter t1 in the file /admin/index.php of the component...

SourceCodeHero Clothes Recommendation System SQL注入漏洞

SourceCodeHero Clothes Recommendation System is a SourceCodeHero open source clothing recommendation system. A SQL injection vulnerability exists in SourceCodeHero Clothes Recommendation System version 1.0, which stems from the parameter view/view1 in the file /admin/home.php that can lead to SQL...

CVE-2024-44727

Sourcecodehero Event Management System1.0 is vulnerable to SQL Injection via the parameter 'username' in /event/admin/login.php...

CVE-2024-44728

Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact in /clientdetails/admin/regester.php...

CVE-2024-44728

Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact in /clientdetails/admin/regester.php...

Sourcecodehero Event Management System 安全漏洞

Sourcecodehero Event Management System is an open source event management system from Sourcecodehero. A security vulnerability exists in the Sourcecodehero Event Management System version 1.0, which stems from a vulnerability that allows storage via the Full Name, Address, Email, and contact...

Sourcecodehero Event Management System 安全漏洞

Sourcecodehero Event Management System is an open source event management system from Sourcecodehero. A security vulnerability exists in Sourcecodehero Event Management System version 1.0, which is caused by SQL injection via the parameter "username" in /event/admin/login.php...

CVE-2024-44727

Sourcecodehero Event Management System1.0 is vulnerable to SQL Injection via the parameter 'username' in /event/admin/login.php...

CVE-2024-44727

Sourcecodehero Event Management System 1.0 is vulnerable to an SQL Injection via the username parameter in /event/admin/login.php. Documented across multiple feeds; no patch/version fix details are provided in the supplied materials. Exploitation details, impact, and mitigations beyond the generi...

CVE-2024-44728

Affected software : Sourcecodehero Event Management System 1.0. Vulnerability : Stored Cross-Site Scripting (XSS) in the API endpoint "/clientdetails/admin/regester.php" via the parameters Full Name, Address, Email, and contact#. Root cause / details : Publicly documented as an XSS path; the issu...

CVE-2024-44727

Sourcecodehero Event Management System1.0 is vulnerable to SQL Injection via the parameter 'username' in /event/admin/login.php...

CVE-2024-44728

Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact in /clientdetails/admin/regester.php...

CVE-2024-44728

Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact in /clientdetails/admin/regester.php...

PT-2024-31224 · Unknown · Sourcecodehero Event Management System

Name of the Vulnerable Software and Affected Versions: Sourcecodehero Event Management System version 1.0 Description: The issue is related to a SQL Injection vulnerability via the parameter username in the "/event/admin/login.php" endpoint. This allows attackers to remotely compromise databases...

CVE-2022-3118

A vulnerability was found in Sourcecodehero ERP System Project. It has been rated as critical. This issue affects some unknown processing of the file /pages/processlogin.php. The manipulation of the argument user leads to sql injection. The attack may be initiated remotely. The exploit has been...

Sql injection

A vulnerability was found in Sourcecodehero ERP System Project. It has been rated as critical. This issue affects some unknown processing of the file /pages/processlogin.php. The manipulation of the argument user leads to sql injection. The attack may be initiated remotely. The exploit has been...