7898 matches found
CVE-2024-9295
A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /control/login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The...
CVE-2024-9295 SourceCodester Advocate Office Management System login.php sql injection
A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /control/login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The...
CVE-2024-9295
CVE-2024-9295 affects SourceCodester Advocate Office Management System 1.0. The vulnerability is an SQL injection in the login flow, caused by unsafely processing the username parameter in /control/login.php. It can be exploited remotely and has been publicly disclosed. Multiple sources corrobora...
CVE-2024-9295 SourceCodester Advocate Office Management System login.php sql injection
A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /control/login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The...
Online Eyewear Shop SQL注入漏洞
Online Eyewear Shop is an online eyewear store by the individual developer Carlo Montero. A SQL injection vulnerability exists in SourceCodester Online Eyewear Shop version 1.0, which originates from an SQL injection issue contained in the id parameter in the /classes/Master.php?f=deletecategory...
PT-2024-39552 · Sourcecodester · Sourcecodester Online Railway Reservation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Railway Reservation System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /admin/. The manipulation of the page argument with the input...
PT-2024-39553 · Sourcecodester · Sourcecodester Online Railway Reservation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Railway Reservation System version 1.0 Description: A vulnerability was found in the Ticket Handler component, specifically affecting some unknown functionality of the file /?page=tickets. The manipulation of the id...
PT-2024-39564 · Sourcecodester · Sourcecodester Employee/Visitor Gate Pass Logging System
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 Description: A critical issue affects the processing of the file /admin/maintenance/manage department.php, where the manipulation of the id argument leads to SQL...
Simple Online Banking System 1.0 Insecure Settings
============================================================================================================================================= | Title : Simple Online Banking System v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
Sample Blog Site 1.0 Remote File Inclusion
============================================================================================================================================= | Title : Sample Blog Site 1.0 File inclusion Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64...
Simbarashe Financial Services 2.9.0 Insecure Direct Object Reference
==================================================================================================================================== | Title : Simbarashe Financial Services v2.9.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bit...
CVE-2024-9093
A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0. This affects an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to sql injection. It is possible to initiat...
CVE-2024-9092
A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...
CVE-2024-9093 SourceCodester Profile Registration without Reload Refresh GET Parameter del.php sql injection
A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0. This affects an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to sql injection. It is possible to initiat...
CVE-2024-9093 SourceCodester Profile Registration without Reload Refresh GET Parameter del.php sql injection
A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0. This affects an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to sql injection. It is possible to initiat...
CVE-2024-9092 SourceCodester Profile Registration without Reload Refresh Registration Form add.php cross site scripting
A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...
CVE-2024-9092 SourceCodester Profile Registration without Reload Refresh Registration Form add.php cross site scripting
A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...
CVE-2024-9090
A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file searchmember.php. The manipulation of the argument searchMember leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2024-9089
A vulnerability was found in SourceCodester Modern Loan Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file updateloanrecord.php. The manipulation of the argument amount leads to cross site scripting. The attack may be initiated remotely. Th...
CVE-2024-9090
CVE-2024-9090 affects SourceCodester Modern Loan Management System 1.0, specifically the search_member.php file. The vulnerability is a SQL injection via the searchMember parameter, enabling remote exploitation. Public disclosures exist, and several sources classify it as critical/medium dependin...