CVE-2024-9298

CVE-2024-9298 affects SourceCodester Online Railway Reservation System 1.0, specifically the Ticket Handler’s /?page=tickets functionality. The vulnerability arises from improper access controls when manipulating the id argument, enabling a remote attacker to access parts of the system. The issue...

CVE-2024-9298 SourceCodester Online Railway Reservation System Ticket ?page=tickets access control

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /?page=tickets of the component Ticket Handler. The manipulation of the argument id leads to improper access...

CVE-2024-9297

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument page with the input trains/schedules/systeminfo leads to improper...

CVE-2024-9297 SourceCodester Online Railway Reservation System admin improper authorization

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument page with the input trains/schedules/systeminfo leads to improper...

CVE-2024-9297

The CVE-2024-9297 entry concerns SourceCodester Online Railway Reservation System 1.0. An improper authorization vulnerability exists in the admin area, where manipulating the page parameter with trains/schedules/system_info on the /admin/ path can be exploited remotely. The impact is described a...

CVE-2024-9297 SourceCodester Online Railway Reservation System admin improper authorization

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument page with the input trains/schedules/systeminfo leads to improper...

CVE-2024-9296

A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgotpass.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotel...

CVE-2024-9296

A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgotpass.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotel...

CVE-2024-9296 SourceCodester Advocate Office Management System forgot_pass.php sql injection

A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgotpass.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotel...

CVE-2024-9296

SourceCodester Advocate Office Management System 1.0 is affected by a SQL injection in the forgot_pass.php handler, triggered by manipulating the username parameter. The vulnerability is exploitable remotely and has been publicly disclosed. The affected file is /control/forgot_pass.php; no concre...

CVE-2024-9296 SourceCodester Advocate Office Management System forgot_pass.php sql injection

A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgotpass.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotel...

CVE-2024-9295

A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /control/login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-9295

A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /control/login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-9295 SourceCodester Advocate Office Management System login.php sql injection

A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /control/login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-9295 SourceCodester Advocate Office Management System login.php sql injection

A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /control/login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The...

CVE-2024-9295

CVE-2024-9295 affects SourceCodester Advocate Office Management System 1.0. The vulnerability is an SQL injection in the login flow, caused by unsafely processing the username parameter in /control/login.php. It can be exploited remotely and has been publicly disclosed. Multiple sources corrobora...

PT-2024-39564 · Sourcecodester · Sourcecodester Employee/Visitor Gate Pass Logging System

Name of the Vulnerable Software and Affected Versions: SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 Description: A critical issue affects the processing of the file /admin/maintenance/manage department.php, where the manipulation of the id argument leads to SQL...

PT-2024-39553 · Sourcecodester · Sourcecodester Online Railway Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Railway Reservation System version 1.0 Description: A vulnerability was found in the Ticket Handler component, specifically affecting some unknown functionality of the file /?page=tickets. The manipulation of the id...

SourceCodester Online Timesheet App SQL注入漏洞

SourceCodester Online Timesheet App is a web application from SourceCodester built with PHP and MySQL designed to simplify time management and task tracking. A SQL injection vulnerability exists in the SourceCodester Online Timesheet App version 1.0, which stems from an SQL injection issue...

PT-2024-39555 · Sourcecodester · Sourcecodester Online Railway Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Railway Reservation System version 1.0 Description: A problematic issue was found in the Message Us Form component, specifically in the contact us.php file. The manipulation of the fullname, email, or message arguments...