Lucene search
K

280 matches found

CVE
CVE
added 2024/08/01 9:31 p.m.52 views

CVE-2024-7368

CVE-2024-7368 affects SourceCodester Simple Realtime Quiz System 1.0 in the /ajax.php?action=save_quiz endpoint. The vulnerability arises from manipulating the title parameter, enabling cross-site scripting (XSS). The issue can be exploited remotely and is publicly disclosed. Exploit details are ...

5.4CVSS3.9AI score0.00379EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/01 9:0 p.m.15 views

CVE-2024-7367 SourceCodester Simple Realtime Quiz System ajax.php cross-site request forgery

A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit...

6.9CVSS6.8AI score0.00326EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/08/01 9:0 p.m.30 views

CVE-2024-7367 SourceCodester Simple Realtime Quiz System ajax.php cross-site request forgery

A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit...

6.9CVSS0.00326EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.7 views

PT-2024-38303 · Sourcecodester · Sourcecodester Simple Realtime Quiz System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Realtime Quiz System version 1.0 Description: A critical issue affects some unknown functionality of the file /quiz board.php. The manipulation of the quiz argument leads to SQL injection. The attack can be launched...

8.8CVSS8.2AI score0.00509EPSS
Exploits1References7
NVD
NVD
added 2024/07/21 11:15 a.m.24 views

CVE-2024-6951

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...

9.8CVSS0.00544EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/21 11:0 a.m.14 views

CVE-2024-6951 SourceCodester Simple Online Book Store System admin_delete.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...

6.5CVSS7.6AI score0.00544EPSS
Exploits1References4
CVE
CVE
added 2024/07/17 4:0 p.m.50 views

CVE-2024-6830

CVE-2024-6830 affects SourceCodester Simple Inventory Management System 1.0, specifically the Order Handler’s file action.php. The vulnerability arises from an unauthenticated manipulation of the order_id argument, leading to SQL injection. It is described as exploitable remotely, with public dis...

7.5CVSS7AI score0.00446EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/06/24 3:0 a.m.33 views

CVE-2024-6280 SourceCodester Simple Online Bidding System unrestricted upload

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/ajax.php?action=savesettings. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack...

6.5CVSS0.00665EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/06/24 3:0 a.m.15 views

CVE-2024-6280 SourceCodester Simple Online Bidding System unrestricted upload

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/ajax.php?action=savesettings. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack...

6.5CVSS7.1AI score0.00665EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/05/28 1:31 p.m.28 views

CVE-2024-5428 SourceCodester Simple Online Bidding System HTTP POST Request save_product cross-site request forgery

A vulnerability classified as problematic was found in SourceCodester Simple Online Bidding System 1.0. Affected by this vulnerability is the function saveproduct of the file /admin/index.php?page=manageproduct of the component HTTP POST Request Handler. The manipulation leads to cross-site reque...

6.9CVSS4.7AI score0.00335EPSS
Exploits1References4
OSV
OSV
added 2024/05/19 2:15 p.m.6 views

CVE-2024-5101

A vulnerability was found in SourceCodester Simple Inventory System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file updateproduct.php. The manipulation of the argument ITEM leads to sql injection. The attack can be initiated remotely. The exploit has bee...

8.8CVSS5.8AI score0.00614EPSS
Exploits1References4
CVE
CVE
added 2024/05/19 2:0 p.m.75 views

CVE-2024-5101

CVE-2024-5101 affects SourceCodester Simple Inventory System v1.0, with a SQL injection in updateproduct.php triggered by the ITEM parameter. The issue allows remote exploitation and has been publicly disclosed; multiple sources corroborate the vulnerability. Root cause: input appended into SQL q...

8.8CVSS7.5AI score0.00614EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2024/05/19 11:31 a.m.60 views

CVE-2024-5100

CVE-2024-5100 is a SQL injection in SourceCodester Simple Inventory System 1.0, affecting the file tableedit.php . The issue arises from improper handling of the from and to parameters, allowing an attacker to manipulate input values to execute arbitrary SQL. The vulnerability is exploitable remo...

6.5CVSS7.3AI score0.0049EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/05/19 8:15 a.m.19 views

CVE-2024-5099

A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched remotely. The exploit has...

6.5CVSS6.8AI score0.0049EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/05/19 8:0 a.m.25 views

CVE-2024-5099 SourceCodester Simple Inventory System updateprice.php sql injection

A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched remotely. The exploit has...

6.5CVSS6.8AI score0.0049EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/05/19 8:0 a.m.14 views

CVE-2024-5099 SourceCodester Simple Inventory System updateprice.php sql injection

A vulnerability was found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updateprice.php. The manipulation of the argument ITEM leads to sql injection. The attack may be launched remotely. The exploit has...

6.5CVSS7.3AI score0.0049EPSS
Exploits1References4
CVE
CVE
added 2024/05/19 8:0 a.m.52 views

CVE-2024-5099

CVE-2024-5099 concerns SourceCodester Simple Inventory System 1.0. The vulnerability resides in the file updateprice.php , where manipulating the argument ITEM results in an SQL injection. The issue is exploitable remotely, and public exploit information has been disclosed. Several connected sour...

6.5CVSS7.3AI score0.0049EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/05/19 6:15 a.m.27 views

CVE-2024-5098

A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...

6.5CVSS5.9AI score0.00484EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/05/19 6:0 a.m.14 views

CVE-2024-5098 SourceCodester Simple Inventory System login.php sql injection

A vulnerability has been found in SourceCodester Simple Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public...

5.5CVSS7.3AI score0.00484EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/05/19 3:0 a.m.19 views

CVE-2024-5097 SourceCodester Simple Inventory System tableedit.php#page=editprice cross-site request forgery

A vulnerability, which was classified as problematic, was found in SourceCodester Simple Inventory System 1.0. Affected is an unknown function of the file /tableedit.phppage=editprice. The manipulation of the argument itemnumber leads to cross-site request forgery. It is possible to launch the...

6.9CVSS4.7AI score0.00373EPSS
Exploits1References4
Rows per page
Query Builder