CVE-2024-9315

CVE-2024-9315 affects SourceCodester Employee and Visitor Gate Pass Logging System v1.0. The issue is a SQL injection in the /admin/maintenance/manage_department.php page caused by unsafely handling the id parameter, enabling remote exploitation. Multiple sources confirm the vulnerability details...

CVE-2024-9315 SourceCodester Employee and Visitor Gate Pass Logging System manage_department.php sql injection

A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/maintenance/managedepartment.php. The manipulation of the argument id leads to sql injection. The attack may ...

CVE-2024-9315 SourceCodester Employee and Visitor Gate Pass Logging System manage_department.php sql injection

A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/maintenance/managedepartment.php. The manipulation of the argument id leads to sql injection. The attack may ...

CVE-2024-9300

A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0. This vulnerability affects unknown code of the file contactus.php of the component Message Us Form. The manipulation of the argument fullname/email/message leads to cross site scripting. T...

CVE-2024-9300

A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0. This vulnerability affects unknown code of the file contactus.php of the component Message Us Form. The manipulation of the argument fullname/email/message leads to cross site scripting. T...

CVE-2024-9300 SourceCodester Online Railway Reservation System Message Us Form contact_us.php cross site scripting

A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0. This vulnerability affects unknown code of the file contactus.php of the component Message Us Form. The manipulation of the argument fullname/email/message leads to cross site scripting. T...

CVE-2024-9300 SourceCodester Online Railway Reservation System Message Us Form contact_us.php cross site scripting

A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0. This vulnerability affects unknown code of the file contactus.php of the component Message Us Form. The manipulation of the argument fullname/email/message leads to cross site scripting. T...

CVE-2024-9299

A vulnerability classified as problematic has been found in SourceCodester Online Railway Reservation System 1.0. This affects an unknown part of the file /?page=reserve. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to initiate th...

CVE-2024-9299 SourceCodester Online Railway Reservation System ?page=reserve cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Online Railway Reservation System 1.0. This affects an unknown part of the file /?page=reserve. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to initiate th...

CVE-2024-9299

The CVE-2024-9299 entry concerns SourceCodester Online Railway Reservation System version 1.0. The vulnerability is a cross-site scripting (XSS) flaw arising from manipulation of the First Name/Middle Name/Last Name parameters on the /?page=reserve endpoint. A remote attacker can exploit this, wi...

CVE-2024-9299 SourceCodester Online Railway Reservation System ?page=reserve cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Online Railway Reservation System 1.0. This affects an unknown part of the file /?page=reserve. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to initiate th...

CVE-2024-9298 SourceCodester Online Railway Reservation System Ticket ?page=tickets access control

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /?page=tickets of the component Ticket Handler. The manipulation of the argument id leads to improper access...

CVE-2024-9298

CVE-2024-9298 affects SourceCodester Online Railway Reservation System 1.0, specifically the Ticket Handler’s /?page=tickets functionality. The vulnerability arises from improper access controls when manipulating the id argument, enabling a remote attacker to access parts of the system. The issue...

CVE-2024-9298 SourceCodester Online Railway Reservation System Ticket ?page=tickets access control

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /?page=tickets of the component Ticket Handler. The manipulation of the argument id leads to improper access...

CVE-2024-9297

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument page with the input trains/schedules/systeminfo leads to improper...

CVE-2024-9297 SourceCodester Online Railway Reservation System admin improper authorization

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument page with the input trains/schedules/systeminfo leads to improper...

CVE-2024-9296

A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgotpass.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotel...

CVE-2024-9296

SourceCodester Advocate Office Management System 1.0 is affected by a SQL injection in the forgot_pass.php handler, triggered by manipulating the username parameter. The vulnerability is exploitable remotely and has been publicly disclosed. The affected file is /control/forgot_pass.php; no concre...

CVE-2024-9296 SourceCodester Advocate Office Management System forgot_pass.php sql injection

A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgotpass.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotel...

CVE-2024-9296 SourceCodester Advocate Office Management System forgot_pass.php sql injection

A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgotpass.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotel...