
7898 matches found

NVD
added 2024/10/27 5:15 p.m., 8 views

CVE-2024-10421

A vulnerability classified as critical was found in SourceCodester Attendance and Payroll System 1.0. This vulnerability affects unknown code of the file /admin/overtimerow.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVSS 9.8, EPSS 0.00096
Exploits: 0, References: 5
Cvelist
added 2024/10/27 5:0 p.m., 13 views

CVE-2024-10421 SourceCodester Attendance and Payroll System overtime_row.php sql injection

A vulnerability classified as critical was found in SourceCodester Attendance and Payroll System 1.0. This vulnerability affects unknown code of the file /admin/overtimerow.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVSS 6.5, EPSS 0.00096
Exploits: 0, References: 5
CVE
added 2024/10/27 5:0 p.m., 44 views

CVE-2024-10421

CVE-2024-10421 affects SourceCodester Attendance and Payroll System 1.0. Affects code in the file /admin/overtime_row.php where manipulating the id parameter leads to SQL injection. The attack can be initiated remotely and the exploit has been disclosed publicly. Reported impacts indicate potenti...

CVSS 9.8, AI score 7.1, EPSS 0.00096
Exploits: 0, References: 5, Affected Software: 1
NVD
added 2024/10/27 4:15 p.m., 8 views

CVE-2024-10420

A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. This affects the function upload of the file /marimar/guest/update.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. T...

CVSS 9.8, EPSS 0.00142
Exploits: 0, References: 5
Cvelist
added 2024/10/27 3:31 p.m., 14 views

CVE-2024-10420 SourceCodester Attendance and Payroll System update.php upload unrestricted upload

A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. This affects the function upload of the file /marimar/guest/update.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. T...

CVSS 6.5, EPSS 0.00142
Exploits: 0, References: 5
CVE
added 2024/10/27 3:31 p.m., 44 views

CVE-2024-10420

SourceCodester Attendance and Payroll System 1.0 is affected by a vulnerability in the upload function of /marimar/guest/update.php where the image parameter can be manipulated to cause unrestricted file upload. This can be exploited remotely, and multiple sources confirm the exploit has been pub...

CVSS 9.8, AI score 6.8, EPSS 0.00142
Exploits: 0, References: 5, Affected Software: 1
OSV
added 2024/10/27 10:15 a.m., 1 view

CVE-2024-10413

A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched...

CVSS 9.8, AI score 5.5
Exploits: 0, References: 5
Cvelist
added 2024/10/27 9:31 a.m., 17 views

CVE-2024-10413 SourceCodester Online Hotel Reservation System update.php upload unrestricted upload

A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched...

CVSS 6.5, EPSS 0.00145
Exploits: 0, References: 5
Cvelist
added 2024/10/27 5:0 a.m., 16 views

CVE-2024-10411 SourceCodester Online Hotel Reservation System controller.php doCheckout sql injection

A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of the file /marimar/admin/modroom/controller.php. The manipulation of the argument id leads ...

CVSS 6.5, EPSS 0.00104
Exploits: 0, References: 5
NVD
added 2024/10/27 4:15 a.m., 9 views

CVE-2024-10410

A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/modroom/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. The attack can b...

CVSS 7.2, EPSS 0.03953
Exploits: 1, References: 5
Cvelist
added 2024/10/27 3:31 a.m., 13 views

CVE-2024-10410 SourceCodester Online Hotel Reservation System controller.php upload unrestricted upload

A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/modroom/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. The attack can b...

CVSS 6.5, EPSS 0.03953
Exploits: 1, References: 5
CVE
added 2024/10/27 3:31 a.m., 86 views

CVE-2024-10410

CVE-2024-10410 affects SourceCodester Online Hotel Reservation System 1.0. The vulnerability resides in the upload function at /admin/mod_room/controller.php?action=add, where manipulating the image argument leads to unrestricted file upload, enabling a remote attack. The exploit has been disclos...

CVSS 7.2, AI score 6.6, EPSS 0.03953
Exploits: 1, References: 5, Affected Software: 1
NVD
added 2024/10/27 12:15 a.m., 7 views

CVE-2024-10407

A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/editcustomer.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVSS 7.2, EPSS 0.00104
Exploits: 0, References: 5
CNNVD
added 2024/10/27 12:0 a.m., 1 view

SourceCodester Online Hotel Reservation System Code Issue Vulnerability

SourceCodester Online Hotel Reservation System is a SourceCodester open source online hotel system. A code issue vulnerability exists in SourceCodester Online Hotel Reservation System version 1.0, which stems from an unrestricted file upload vulnerability in the image parameter of the...

CVSS 9.8, AI score 6.7, EPSS 0.00145
Exploits: 0, References: 5
Cvelist
added 2024/10/26 11:31 p.m., 12 views

CVE-2024-10407 SourceCodester Petrol Pump Management Software edit_customer.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/editcustomer.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVSS 6.5, EPSS 0.00104
Exploits: 0, References: 5
Vulnrichment
added 2024/10/26 11:31 p.m., 12 views

CVE-2024-10407 SourceCodester Petrol Pump Management Software edit_customer.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/editcustomer.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVSS 6.5, AI score 7.4, EPSS 0.00104
Exploits: 0, References: 5
Vulnrichment
added 2024/10/25 1:0 p.m., 16 views

CVE-2024-10380 SourceCodester Petrol Pump Management Software ajax_product.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/ajaxproduct.php. The manipulation of the argument dropservices leads to sql injection. The attack may be...

CVSS 6.5, AI score 7.6, EPSS 0.0016
Exploits: 0, References: 5
CVE
added 2024/10/25 1:0 p.m., 46 views

CVE-2024-10380

CVE-2024-10380 affects SourceCodester Petrol Pump Management Software 1.0. The vulnerability is an SQL injection in the file /admin/ajax_product.php triggered by manipulating the drop_services parameter. The attack can be launched remotely and, according to sources, the exploit has been disclosed...

CVSS 7.5, AI score 6.9, EPSS 0.0016
Exploits: 0, References: 5, Affected Software: 1
Vulnrichment
added 2024/10/25 1:31 a.m., 12 views

CVE-2024-10371 SourceCodester Payroll Management System main login buffer overflow

A vulnerability classified as critical has been found in SourceCodester Payroll Management System 1.0. This affects the function login of the file main. The manipulation leads to buffer overflow. The exploit has been disclosed to the public and may be used...

CVSS 6.3, AI score 6.6, EPSS 0.00455
Exploits: 1, References: 5
Vulnrichment
added 2024/10/25 12:0 a.m., 9 views

CVE-2024-10355 SourceCodester Petrol Pump Management Software invoice.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/invoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVSS 5.8, AI score 7.6, EPSS 0.01453
Exploits: 1, References: 5