CVE-2024-4925

A vulnerability was found in SourceCodester School Intramurals Student Attendance Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /intramssams/managecourse.php. The manipulation of the argument id leads to sql injection. The attack may be...

CVE-2024-4929

A vulnerability classified as problematic has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file /simple-online-bidding-system/admin/ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. It is possible to initiate the...

CVE-2024-6807

A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /sscdms/classes/Users.php?f=save of the component HTTP POST Request Handler. The manipulation of the argument...

CVE-2024-40475

SourceCodester Best House Rental Management System v1.0 is vulnerable to Incorrect Access Control via /rental/paymentreport.php, /rental/balancereport.php, /rental/invoices.php, /rental/tenants.php, and /rental/users.php...

CVE-2024-6729

A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /control/addact.php. The manipulation of the argument aname leads to sql injection. The attack can be initiated...

CVE-2024-6904

A vulnerability, which was classified as critical, was found in SourceCodester Record Management System 1.0. This affects an unknown part of the file sort2user.php. The manipulation of the argument qualification leads to sql injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2024-6902

A vulnerability classified as critical was found in SourceCodester Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file sortuser.php. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2024-0735

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. Affected by this issue is the function exec of the file admin/operations/expense.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2024-6899

A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file viewinfo.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2024-0265

A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php of the component GET Parameter Handler. The manipulation of the argument page leads to file inclusion. The attack may be initiate...

CVE-2024-0351

A vulnerability classified as problematic has been found in SourceCodester Engineers Online Portal 1.0. This affects an unknown part. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told...

CVE-2024-0347

A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file signupteacher.php. The manipulation of the argument Password leads to weak password requirements. The attack may be initiated remotely. The...

CVE-2024-7069

A vulnerability, which was classified as critical, has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. This issue affects some unknown processing of the file /employeegatepass/classes/Master.php?f=deletedepartment. The manipulation of the argument id leads to sql...

CVE-2024-0350

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The...

CVE-2024-2058

A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/product.php. The manipulation of the argument photo leads to unrestricted upload. The attack can be...

CVE-2024-2148

A vulnerability classified as critical has been found in SourceCodester Online Mobile Management Store 1.0. This affects an unknown part of the file /classes/Users.php. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit h...

CVE-2024-2935

A vulnerability, which was classified as problematic, has been found in SourceCodester Todo List in Kanban Board 1.0. Affected by this issue is some unknown functionality of the component Add ToDo. The manipulation of the argument Todo leads to cross site scripting. The attack may be launched...

CVE-2024-8087

A vulnerability was found in SourceCodester E-Commerce System 1.0 and classified as critical. This issue affects some unknown processing of the file /ecommerce/popupItem.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2024-8137

A vulnerability has been found in SourceCodester Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file searchuser.php. The manipulation of the argument search leads to cross site scripting. The attack can be initiated remotely. The exploit...

CVE-2024-8223

A vulnerability classified as critical was found in SourceCodester Music Gallery Site 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=deletecategory. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has be...