CVE-2025-63716

The CVE-2025-63716 entry concerns SourceCodester Leads Manager Tool v1.0, which is vulnerable to Cross-Site Request Forgery (CSRF). The root cause stated across sources is lack of CSRF protection mechanisms (no anti-CSRF tokens and no same-origin verification) on critical endpoints, enabling unau...

EUVD-2024-48531

Malicious code in bioql PyPI...

EUVD-2024-48530

Malicious code in bioql PyPI...

EUVD-2024-48782

Malicious code in bioql PyPI...

CVE-2024-7942

A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the argument phonenumber leads to cross site scripting. The attack can be initiated remotely. The exploi...

CVE-2024-7644

A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads Handler. The manipulation of the argument leadsname/phonenumber leads to cross site scripting. It ...

CVE-2024-7643

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

CVE-2024-7942

A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the argument phonenumber leads to cross site scripting. The attack can be initiated remotely. The exploi...

CVE-2024-7942

CVE-2024-7942 affects SourceCodester Leads Manager Tool 1.0, specifically the update-leads.php file. The vulnerability is a cross-site scripting (XSS) issue triggered by a manipulated phone_number argument and can be exploited remotely. The public exploit is noted in multiple references. The conn...

CVE-2024-7942 SourceCodester Leads Manager Tool update-leads.php cross site scripting

A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the argument phonenumber leads to cross site scripting. The attack can be initiated remotely. The exploi...

CVE-2024-7942 SourceCodester Leads Manager Tool update-leads.php cross site scripting

A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the argument phonenumber leads to cross site scripting. The attack can be initiated remotely. The exploi...

CVE-2024-7643

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

CVE-2024-7643

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

CVE-2024-7644

A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads Handler. The manipulation of the argument leadsname/phonenumber leads to cross site scripting. It ...

SourceCodester Leads Manager Tool SQL注入漏洞

SourceCodester Leads Manager Tool is a Leads Management Tool from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Leads Manager Tool version 1.0, which originates from a SQL injection vulnerability in the Delete Leads Handler component on the /endpoint/delete-leads.php...

CVE-2024-7644

SourceCodester Leads Manager Tool 1.0 is affected by a cross-site scripting vulnerability in the Add Leads Handler, specifically the /endpoint/add-leads.php endpoint. The issue arises from manipulating the leads_name and phone_number parameters, enabling remote XSS. The vulnerability is publicly ...

CVE-2024-7644 SourceCodester Leads Manager Tool Add Leads add-leads.php cross site scripting

A vulnerability was found in SourceCodester Leads Manager Tool 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-leads.php of the component Add Leads Handler. The manipulation of the argument leadsname/phonenumber leads to cross site scripting. It ...

CVE-2024-7643 SourceCodester Leads Manager Tool Delete Leads delete-leads.php sql injection

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...

CVE-2024-7643

SourceCodester Leads Manager Tool 1.0 contains a SQL injection vulnerability in the Delete Leads Handler, specifically the file /endpoint/delete-leads.php where the leads argument is vulnerable. Exploitation can be remote, and the exploit has been disclosed publicly. Multiple connected sources co...

CVE-2024-7643 SourceCodester Leads Manager Tool Delete Leads delete-leads.php sql injection

A vulnerability was found in SourceCodester Leads Manager Tool 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/delete-leads.php of the component Delete Leads Handler. The manipulation of the argument leads leads to sql injection. The atta...