CVE-2024-9808

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=products/viewproduct. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2024-9799

A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument...

CVE-2024-9809

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is the function deleteproduct of the file /classes/Master.php?f=deleteproduct. The manipulation of the argument id leads to sql injection. The attack can be launch...

CVE-2024-46293

Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether t...

CVE-2024-9321

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/inquiries/viewdetails.php. The manipulation of the argument id leads to improper access controls. The attack may be initiated...

CVE-2024-9300

A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0. This vulnerability affects unknown code of the file contactus.php of the component Message Us Form. The manipulation of the argument fullname/email/message leads to cross site scripting. T...

CVE-2024-9315

A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/maintenance/managedepartment.php. The manipulation of the argument id leads to sql injection. The attack may ...

CVE-2024-9092

A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...

CVE-2024-9081

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file viewcategory.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...

CVE-2024-8949

A vulnerability classified as critical has been found in SourceCodester Online Eyewear Shop 1.0. This affects an unknown part of the file /classes/Master.php of the component Cart Content Handler. The manipulation of the argument cartid/id leads to improper ownership management. It is possible to...

CVE-2024-8951

A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file managefee.php. The manipulation of the argument toview leads to cross site scripting. The attack can be launched remotely. Th...

CVE-2024-8142

A vulnerability was found in SourceCodester Daily Calories Monitoring Tool 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /endpoint/delete-calorie.php. The manipulation of the argument calorie leads to cross site scripting. The attack can be initiate...

CVE-2024-8348

A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function deletecategory of the file /classes/Master.php?f=deletecategory. The manipulation of the argument id leads to sql injection. The...

CVE-2024-8347

A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function deleterecord of the file /classes/Master.php?f=deleterecord. The manipulation of the argument id leads to sql injection. The attack can be...

CVE-2024-8346

A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function updatesettingsinfo of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument name leads to sql injection. It is possible to...

CVE-2024-8345

A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=delete. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2024-8342

A vulnerability, which was classified as critical, has been found in SourceCodester Petshop Management System 1.0. This issue affects some unknown processing of the file /controllers/addclient.php. The manipulation of the argument imageprofile leads to unrestricted upload. The attack may be...

CVE-2024-8339

A vulnerability was found in SourceCodester Electric Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /?page=tracks of the component Connection Code Handler. The manipulation of the argument code leads to sql injection...

CVE-2024-8140

A vulnerability was found in SourceCodester Task Progress Tracker 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file update-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack may be launched remotely. The...

CVE-2024-7948

A vulnerability classified as problematic was found in SourceCodester Accounts Manager App 1.0. This vulnerability affects unknown code of the file update-account.php of the component Update Account Page. The manipulation of the argument Account Name/Username/Password/Link leads to cross site...