280 matches found
CVE-2024-7368
CVE-2024-7368 affects SourceCodester Simple Realtime Quiz System 1.0 in the /ajax.php?action=save_quiz endpoint. The vulnerability arises from manipulating the title parameter, enabling cross-site scripting (XSS). The issue can be exploited remotely and is publicly disclosed. Exploit details are ...
CVE-2024-7367 SourceCodester Simple Realtime Quiz System ajax.php cross-site request forgery
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit...
CVE-2024-7367 SourceCodester Simple Realtime Quiz System ajax.php cross-site request forgery
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit...
PT-2024-38303 · Sourcecodester · Sourcecodester Simple Realtime Quiz System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Realtime Quiz System version 1.0 Description: A critical issue affects some unknown functionality of the file /quiz board.php. The manipulation of the quiz argument leads to SQL injection. The attack can be launched...
CVE-2024-6951
A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...
CVE-2024-6951 SourceCodester Simple Online Book Store System admin_delete.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...
CVE-2024-6830
CVE-2024-6830 affects SourceCodester Simple Inventory Management System 1.0, specifically the Order Handler’s file action.php. The vulnerability arises from an unauthenticated manipulation of the order_id argument, leading to SQL injection. It is described as exploitable remotely, with public dis...
CVE-2024-6280 SourceCodester Simple Online Bidding System unrestricted upload
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/ajax.php?action=savesettings. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack...
CVE-2024-6280 SourceCodester Simple Online Bidding System unrestricted upload
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/ajax.php?action=savesettings. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack...
CVE-2024-5428 SourceCodester Simple Online Bidding System HTTP POST Request save_product cross-site request forgery
A vulnerability classified as problematic was found in SourceCodester Simple Online Bidding System 1.0. Affected by this vulnerability is the function saveproduct of the file /admin/index.php?page=manageproduct of the component HTTP POST Request Handler. The manipulation leads to cross-site reque...
CVE-2024-5101
A vulnerability was found in SourceCodester Simple Inventory System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file updateproduct.php. The manipulation of the argument ITEM leads to sql injection. The attack can be initiated remotely. The exploit has bee...
CVE-2024-5101
CVE-2024-5101 affects SourceCodester Simple Inventory System v1.0, with a SQL injection in updateproduct.php triggered by the ITEM parameter. The issue allows remote exploitation and has been publicly disclosed; multiple sources corroborate the vulnerability. Root cause: input appended into SQL q...
CVE-2024-5100
CVE-2024-5100 is a SQL injection in SourceCodester Simple Inventory System 1.0, affecting the file tableedit.php . The issue arises from improper handling of the from and to parameters, allowing an attacker to manipulate input values to execute arbitrary SQL. The vulnerability is exploitable remo...
CVE-2024-5099
A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched remotely. The exploit has...
CVE-2024-5099 SourceCodester Simple Inventory System updateprice.php sql injection
A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched remotely. The exploit has...
CVE-2024-5099 SourceCodester Simple Inventory System updateprice.php sql injection
A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched remotely. The exploit has...
CVE-2024-5099
CVE-2024-5099 concerns SourceCodester Simple Inventory System 1.0. The vulnerability resides in the file updateprice.php , where manipulating the argument ITEM results in an SQL injection. The issue is exploitable remotely, and public exploit information has been disclosed. Several connected sour...
CVE-2024-5098
A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...
CVE-2024-5098 SourceCodester Simple Inventory System login.php sql injection
A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...
CVE-2024-5097 SourceCodester Simple Inventory System tableedit.php#page=editprice cross-site request forgery
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Inventory System 1.0. Affected is an unknown function of the file /tableedit.phppage=editprice. The manipulation of the argument itemnumber leads to cross-site request forgery. It is possible to launch the...