CVE-2024-7843 SourceCodester Online Graduate Tracer System exportcs.php information disclosure

A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file /tracking/admin/exportcs.php. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploi...

CVE-2024-7842

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Graduate Tracer System 1.0. This issue affects some unknown processing of the file /tracking/admin/exportit.php. The manipulation leads to information disclosure. The attack may be initiated remotely. Th...

CVE-2024-7841

A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System 1.0. This vulnerability affects unknown code of the file /pms/ajax/checkusername.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-7842 SourceCodester Online Graduate Tracer System export_it.php information disclosure

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Graduate Tracer System 1.0. This issue affects some unknown processing of the file /tracking/admin/exportit.php. The manipulation leads to information disclosure. The attack may be initiated remotely. Th...

CVE-2024-7841 SourceCodester Clinics Patient Management System check_user_name.php sql injection

A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System 1.0. This vulnerability affects unknown code of the file /pms/ajax/checkusername.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-7812

A vulnerability classified as problematic was found in SourceCodester Best House Rental Management System 1.0. This vulnerability affects unknown code of the file /rental0/rental/ajax.php?action=savetenant of the component POST Parameter Handler. The manipulation of the argument lastname leads to...

CVE-2024-7811

A vulnerability classified as critical has been found in SourceCodester Daily Expenses Monitoring App 1.0. This affects an unknown part of the file /endpoint/delete-expense.php. The manipulation of the argument expense leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-7813 SourceCodester Prison Management System Profile Image insufficiently protected credentials

A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0. This issue affects some unknown processing of the file /uploadImage/Profile/ of the component Profile Image Handler. The manipulation leads to insufficiently protected credentials...

CVE-2024-7813

CVE-2024-7813 affects SourceCodester Prison Management System 1.0, specifically the Profile Image Handler via /uploadImage/Profile/. The issue arises from unknown processing of the profile image file, leading to credentials that are insufficiently protected. Exploitation is possible remotely and ...

CVE-2024-7812 SourceCodester Best House Rental Management System POST Parameter ajax.php cross site scripting

A vulnerability classified as problematic was found in SourceCodester Best House Rental Management System 1.0. This vulnerability affects unknown code of the file /rental0/rental/ajax.php?action=savetenant of the component POST Parameter Handler. The manipulation of the argument lastname leads to...

CVE-2024-7812

SourceCodester Best House Rental Management System v1.0 contains a cross-site scripting (XSS) vulnerability in the POST endpoint /rental_0/rental/ajax.php?action=save_tenant, caused by unsafely handling the lastname parameter in the Parameter Handler. The issue is exploitable remotely and publicl...

CVE-2024-7811 SourceCodester Daily Expenses Monitoring App delete-expense.php sql injection

A vulnerability classified as critical has been found in SourceCodester Daily Expenses Monitoring App 1.0. This affects an unknown part of the file /endpoint/delete-expense.php. The manipulation of the argument expense leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-7809

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /tracking/nbproject/. The manipulation leads to exposure of information through directory listing. The attack...

CVE-2024-7810 SourceCodester Online Graduate Tracer System view_itprofile.php sql injection

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /tracking/admin/viewitprofile.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-7810 SourceCodester Online Graduate Tracer System view_itprofile.php sql injection

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /tracking/admin/viewitprofile.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-7809

CVE-2024-7809 affects SourceCodester Online Graduate Tracer System 1.0. The issue is an information disclosure through the directory /tracking/nbproject/, enabling exposure of potentially sensitive data via directory listing. The vulnerability is exploitable remotely, and public disclosure exists...

CVE-2024-7799

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/bidding/admin/users.php. The manipulation leads to improper authorization. The attack may be...

CVE-2024-7798

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/bidding/admin/ajax.php?action=login2. The manipulation of the argument username lead...

CVE-2024-7797

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. Affected is an unknown function of the file /simple-online-bidding-system/bidding/admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. It is...

Covid-19 Contact Tracing System 1.0 Cross Site Scripting

============================================================================================================================================= | Title : Covid-19 Contact Tracing System 1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3...