CVE-2020-25272

In SourceCodester Online Bus Booking System 1.0, there is XSS through the name parameter in booknow.php...

Design/Logic Flaw

In SourceCodester Online Bus Booking System 1.0, there is XSS through the name parameter in booknow.php...

CVE-2020-25273

In SourceCodester Online Bus Booking System 1.0, there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection...

CVE-2020-25272

In SourceCodester Online Bus Booking System 1.0, there is XSS through the name parameter in booknow.php...

CVE-2020-23828

A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution RCE on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses...

CVE-2020-23828

A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution RCE on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses...

CVE-2020-24195

An Arbitrary File Upload in the Upload Image component in Sourcecodester Online Bike Rental v1.0 allows authenticated administrator to conduct remote code execution...

CVE-2020-24195

An Arbitrary File Upload in the Upload Image component in Sourcecodester Online Bike Rental v1.0 allows authenticated administrator to conduct remote code execution...

CVE-2020-24208

A SQL injection vulnerability in SourceCodester Online Shopping Alphaware 1.0 allows remote unauthenticated attackers to bypass the authentication process via email and password parameters...

Sourcecodester Online Grading System SQL Injection Vulnerability

Sourcecodester Online Grading System is a student information management system. The system provides functions such as student information management and online grading. A SQL injection vulnerability exists in the Sourcecodester Online Grading System. An attacker can exploit this vulnerability to...

CVE-2019-18344

Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, class, or user page id or classid parameter...

CVE-2019-18344

Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, class, or user page id or classid parameter...

CVE-2019-18280

Sourcecodester Online Grading System 1.0 is affected by a Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code via a crafted HTML page, as demonstrated by a Create User action at the...

Cross site request forgery (csrf)

Sourcecodester Online Grading System 1.0 is affected by a Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code via a crafted HTML page, as demonstrated by a Create User action at the...

CVE-2019-18280

Sourcecodester Online Grading System 1.0 is affected by a Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code via a crafted HTML page, as demonstrated by a Create User action at the...