CVE-2024-8347

CVE-2024-8347 affects SourceCodester Computer Laboratory Management System 1.0. The vulnerable component is the delete_record function in /classes/Master.php?f=delete_record, where manipulation of the id parameter leads to SQL injection. The issue enables remote exploitation and the exploit has b...

CVE-2024-41332

Incorrect access control in the deletecategory function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories...

CVE-2024-34480

SourceCodester Computer Laboratory Management System 1.0 allows admin/category/viewcategory.php id SQL Injection...

CVE-2024-34479

SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection...

CVE-2024-34479

SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection...

CVE-2024-34480

SourceCodester Computer Laboratory Management System 1.0 has a SQL Injection vulnerability in admin/category/view_category.php?id. The issue is described across multiple sources, with CVSS 3.1/4.6? Actually CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8 (CRITICAL). The vulne...

CVE-2024-3377 SourceCodester Computer Laboratory Management System cross site scripting

A vulnerability classified as problematic was found in SourceCodester Computer Laboratory Management System 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument name leads to cross site scripting. The attack can be...

CVE-2024-3376 SourceCodester Computer Laboratory Management System config.php redirect

A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part of the file config.php. The manipulation of the argument url leads to execution after redirect. It is possible to initiate the attack remotely. The explo...

CVE-2024-3376

CVE-2024-3376 affects SourceCodester Computer Laboratory Management System 1.0. The vulnerability is in the config.php file, where manipulation of the url parameter leads to execution after redirect, enabling remote initiation of an attack. Exploit details are publicly disclosed per the sources. ...

Computer Laboratory Management System 安全漏洞

Computer Laboratory Management System is a computer laboratory management system. A security vulnerability exists in SourceCodester Computer Laboratory Management System version 1.0, which originates from a security flaw in the parameter url of the config.php file...

Computer Laboratory Management System SQL注入漏洞

Computer Laboratory Management System is a computer laboratory management system. A SQL injection vulnerability exists in SourceCodester Computer Laboratory Management System version 1.0, which originates from a SQL injection vulnerability in the parameter id of the file classes/user.php...

CVE-2024-3139 SourceCodester Computer Laboratory Management System save_users improper authorization

A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function saveusers of the file /classes/Users.php?f=save. The manipulation of the argument id leads to improper authorization. The attack ma...

CVE-2024-2068

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may be initiated...

CVE-2024-2068 SourceCodester Computer Inventory System update-computer.php cross site scripting

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may be initiated...

CVE-2024-2067

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-computer.php. The manipulation of the argument computer leads to sql injection. The attack can be initiated remotely. T...

CVE-2024-2067

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-computer.php. The manipulation of the argument computer leads to sql injection. The attack can be initiated remotely. T...

CVE-2024-2066

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-computer.php. The manipulation of the argument model leads to cross site scripting. It is possible to initiate the attack...

Cross site scripting

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-computer.php. The manipulation of the argument model leads to cross site scripting. It is possible to initiate the attack...

CVE-2023-1363

CVE-2023-1363 affects SourceCodester Computer Parts Sales and Inventory System 1.0. Affected component: Add User Account. The vulnerability arises from manipulating the username argument, triggering cross-site scripting that can be exploited remotely. Multiple sources confirm the issue and note t...

CVE-2023-1363 SourceCodester Computer Parts Sales and Inventory System Add User Account cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the...