CVE-2024-6649 SourceCodester Employee and Visitor Gate Pass Logging System Users.php save_users cross-site request forgery

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is the function saveusers of the file Users.php. The manipulation leads to cross-site request forgery. The attack can be launched...

Simple Online Banking System 1.0 SQL Injection Vulnerability

Exploit Title: Simple Online Banking System - SQLi Authentication Bypass Exploit Author: bRpsd Vendor Homepage: https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html Software Link:...

CVE-2024-6471

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management 1.0. This affects an unknown part of the file smssetting.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVE-2024-6440

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=deletecategory. The manipulation of the argument id leads to sql injection. It is possible to launch the...

CVE-2024-6440

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=deletecategory. The manipulation of the argument id leads to sql injection. It is possible to launch the...

CVE-2024-6439

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated...

CVE-2024-6440 SourceCodester Home Owners Collection Management System sql injection

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=deletecategory. The manipulation of the argument id leads to sql injection. It is possible to launch the...

CVE-2024-6440 SourceCodester Home Owners Collection Management System sql injection

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=deletecategory. The manipulation of the argument id leads to sql injection. It is possible to launch the...

CVE-2024-6440

CVE-2024-6440 affects SourceCodester Home Owners Collection Management System 1.0. Affected component: /classes/Master.php?f=delete_category; parameter id manipulation leads to SQL injection. Attack is possible remotely and exploitation has been disclosed publicly. Several connected documents con...

CVE-2024-6439 SourceCodester Home Owners Collection Management System unrestricted upload

A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated...

CVE-2024-6439

CVE-2024-6439 affects SourceCodester Home Owners Collection Management System v1.0. The vulnerability lies in processing the img parameter of /classes/Users.php?f=save, enabling unrestricted file upload due to input manipulation. This can potentially allow remote attacker-controlled files to be u...

PT-2024-37627 · Sourcecodester · Sourcecodester Home Owners Collection Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Home Owners Collection Management System version 1.0 Description: A critical issue has been discovered, allowing for SQL injection through the manipulation of the id argument in an unknown function of the file...

PT-2024-37626 · Sourcecodester · Sourcecodester Home Owners Collection Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Home Owners Collection Management System version 1.0 Description: A critical issue affects the processing of the file /classes/Users.php?f=save, allowing unrestricted upload through the manipulation of the img argument. This ca...

Customer Support System 1.0 - Stored XSS

Exploit Title: Customer Support System 1.0 - XSS Cross-Site Scripting Vulnerability in the "subject" at "ticketlist" Date: 28/11/2023 Exploit Author: Geraldo Alcantara Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

CVE-2024-6419 SourceCodester Medicine Tracker System sql injection

A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=savemedicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2024-6417

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=deleteuser. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-6417 SourceCodester Simple Online Bidding System sql injection

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=deleteuser. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-6417 SourceCodester Simple Online Bidding System sql injection

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=deleteuser. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-6417

The CVE-2024-6417 entry concerns SourceCodester Simple Online Bidding System 1.0. The vulnerability is a SQL injection in the admin endpoint /admin/ajax.php?action=delete_user triggered by the id parameter. It is described as remote, with public exploit availability. Impact is SQL injection; in t...

Poultry Farm Management System v1.0 - Remote Code Execution (RCE)

Exploit Title: Poultry Farm Management System v1.0 - Remote Code Execution RCE Date: 24-06-2024 CVE: N/A Awaiting ID to be assigned Exploit Author: Jerry Thomas w3bn00b3r Vendor Homepage: https://www.sourcecodester.com/php/15230/poultry-farm-management-system-free-download.html Software Link:...