Authentication flaw

A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/settings. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit ha...

CVE-2022-2767 SourceCodester Online Admission System index.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Online Admission System. This affects an unknown part of the file /index.php. The manipulation of the argument studentadd leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2022-2767

The CVE-2022-2767 entry concerns SourceCodester Online Admission System, with a cross-site scripting vulnerability in an unknown part of /index.php. The issue arises from manipulating the student_add parameter, allowing remote initiation of the attack. The exploit has been disclosed publicly and ...

CVE-2022-2766

CVE-2022-2766 affects the SourceCodester Loan Management System. Affected component: unknown functionality in the file /index.php ; vulnerability arises from manipulating the password parameter, causing a SQL injection . Exploitation can be remote and the exploit has been publicly disclosed (VDB-...

CVE-2022-2766 SourceCodester Loan Management System index.php sql injection

A vulnerability was found in SourceCodester Loan Management System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. The exploit has be...

CVE-2022-2765

CVE-2022-2765 affects SourceCodester Company Website CMS 1.0. An unknown functionality in the /dashboard/settings file enables improper authentication, with remote exploitation reportedly disclosed publicly. The vulnerability is described as critical with potential impact on confidentiality, inte...

CVE-2022-2765 SourceCodester Company Website CMS settings improper authentication

A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/settings. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit ha...

CVE-2022-2748

A vulnerability was found in SourceCodester Simple Online Book Store System. It has been classified as problematic. Affected is an unknown function of the file /admin/edit.php. The manipulation of the argument eid leads to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2022-2745

A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. This affects an unknown part of the file /admin/addtrainers.php of the component Add New Trainer. The manipulation of the argument trainername leads to sql injection. It is possible to initiate t...

CVE-2022-2736

A vulnerability was found in SourceCodester Company Website CMS. It has been classified as critical. This affects an unknown part of the file /dashboard/updatelogo.php of the component Background Upload Logo Icon. The manipulation of the argument xfile/ufile leads to unrestricted upload. It is...

CVE-2022-2747

A vulnerability was found in SourceCodester Simple Online Book Store and classified as critical. This issue affects some unknown processing of the file book.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be initiated remotely. The associated identifier of th...

Sql injection

A vulnerability was found in SourceCodester Simple Online Book Store and classified as critical. This issue affects some unknown processing of the file book.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be initiated remotely. The associated identifier of th...

Out-of-bounds

A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attack can be initiate...

Cross site scripting

A vulnerability was found in SourceCodester Simple Online Book Store System. It has been classified as problematic. Affected is an unknown function of the file /admin/edit.php. The manipulation of the argument eid leads to cross site scripting. It is possible to launch the attack remotely. The...

Design/Logic Flaw

A vulnerability, which was classified as critical, was found in SourceCodester Company Website CMS. Affected is an unknown function of the file /dashboard/add-service.php of the component Add Service Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack...

Out-of-bounds

A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. This vulnerability affects unknown code of the file Admin add.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-206014 is the identifier assigne...

Design/Logic Flaw

A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/add-portfolio.php. The manipulation of the argument ufile leads to unrestricted upload. The attack may be launched remotely. The...

CVE-2022-2751 SourceCodester Company Website CMS add-portfolio.php unrestricted upload

A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/add-portfolio.php. The manipulation of the argument ufile leads to unrestricted upload. The attack may be launched remotely. The...

CVE-2022-2751

SourceCodester Company Website CMS has a variant where manipulating the ufile parameter in /dashboard/add-portfolio.php enables unrestricted file uploads, allowing remote exploitation. The issue is documented as CVE-2022-2751 with a high/critical impact (NVD CVSS v3.1: 9.8) and represents an unre...

CVE-2022-2750

CVE-2022-2750 affects SourceCodester Company Website CMS. The vulnerability resides in an unknown function of the file /dashboard/add-service.php (Add Service Handler) and allows unrestricted uploads, with remote exploitation potential. The vulnerability is labeled critical (NVD CVSSv3.1: 9.8, ne...