CVE-2024-10420 SourceCodester Attendance and Payroll System update.php upload unrestricted upload

A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. This affects the function upload of the file /marimar/guest/update.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. T...

CVE-2024-10413

A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched...

CVE-2024-10413

A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched...

CVE-2024-10413 SourceCodester Online Hotel Reservation System update.php upload unrestricted upload

A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched...

CVE-2024-10413 SourceCodester Online Hotel Reservation System update.php upload unrestricted upload

A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched...

CVE-2024-10413

CVE-2024-10413 affects SourceCodester Online Hotel Reservation System v1.0, specifically the upload function in /guest/update.php where manipulating the image parameter leads to unrestricted file uploads. The issue can be exploited remotely and exploits have been disclosed publicly. Connected sou...

CVE-2024-10411

A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of the file /marimar/admin/modroom/controller.php. The manipulation of the argument id leads ...

CVE-2024-10411 SourceCodester Online Hotel Reservation System controller.php doCheckout sql injection

A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of the file /marimar/admin/modroom/controller.php. The manipulation of the argument id leads ...

CVE-2024-10411 SourceCodester Online Hotel Reservation System controller.php doCheckout sql injection

A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of the file /marimar/admin/modroom/controller.php. The manipulation of the argument id leads ...

CVE-2024-10411

CVE-2024-10411 affects SourceCodester Online Hotel Reservation System 1.0. The vulnerability resides in the admin side, in functions doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of /marimar/admin/mod_room/controller.php, where the id parameter is used in SQL queries, enabling a r...

CVE-2024-10410

A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/modroom/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. The attack can b...

CVE-2024-10410 SourceCodester Online Hotel Reservation System controller.php upload unrestricted upload

A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/modroom/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. The attack can b...

CVE-2024-10410 SourceCodester Online Hotel Reservation System controller.php upload unrestricted upload

A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/modroom/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. The attack can b...

CVE-2024-10410

CVE-2024-10410 affects SourceCodester Online Hotel Reservation System 1.0. The vulnerability resides in the upload function at /admin/mod_room/controller.php?action=add, where manipulating the image argument leads to unrestricted file upload, enabling a remote attack. The exploit has been disclos...

CVE-2024-10407

A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/editcustomer.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

SourceCodester Online Hotel Reservation System 代码问题漏洞

SourceCodester Online Hotel Reservation System is a SourceCodester open source online hotel system. A code issue vulnerability exists in SourceCodester Online Hotel Reservation System version 1.0, which stems from an unrestricted file upload vulnerability in the image parameter of the...

SourceCodester Online Hotel Reservation System 代码问题漏洞

SourceCodester Online Hotel Reservation System is a SourceCodester open source online hotel system. A code issue vulnerability exists in SourceCodester Online Hotel Reservation System version 1.0, which stems from an unrestricted file double-penetration vulnerability in the image parameter of the...

CVE-2024-10407 SourceCodester Petrol Pump Management Software edit_customer.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/editcustomer.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-10407 SourceCodester Petrol Pump Management Software edit_customer.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/editcustomer.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-10407

CVE-2024-10407 affects SourceCodester Petrol Pump Management Software 1.0. The vulnerability is a SQL injection in the /admin/edit_customer.php file, triggered by manipulating the id parameter, which can be exploited remotely. The exploit has been publicly disclosed. Public details do not specify...