3 matches found
CVE-2024-4500
SourceCodester Prison Management System 1.0 contains a vulnerability in the /Employee/edit-photo.php handler. The parameter userImage enables unrestricted file upload, which can be triggered remotely. The issue is explicitly described as allowing an unrestricted upload and has been publicly discl...
CVE-2024-3440
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/editprofile.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has...
CVE-2022-2018
A vulnerability classified as critical has been found in SourceCodester Prison Management System 1.0. Affected is an unknown function of the file /admin/?page=inmates/viewinmate of the component Inmate Handler. The manipulation of the argument id with the input...