PT-2024-39552 · Sourcecodester · Sourcecodester Online Railway Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Railway Reservation System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /admin/. The manipulation of the page argument with the input...

PT-2024-39568 · Unknown · Sourcecodester Online Timesheet App

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Timesheet App version 1.0 Description: A critical vulnerability was found in the SourceCodester Online Timesheet App, affecting an unknown part of the file /endpoint/delete-timesheet.php. The manipulation of the timeshee...

Online Railway Reservation System 授权问题漏洞

Online Railway Reservation System is an online railroad reservation system by adminastro individual developers. An authorization issue vulnerability exists in SourceCodester Online Railway Reservation System version 1.0, which stems from the page with the input trains/schedules/systeminfo paramet...

SourceCodester Kortex Lite Advocate Office Management System 安全漏洞

SourceCodester Kortex Lite Advocate Office Management System is an office management system from SourceCodester, Inc. A security vulnerability exists in SourceCodester Kortex Lite Advocate Office Management System version 1.0, which originates from an SQL injection issue contained in the username...

SourceCodester Online Timesheet App 跨站脚本漏洞

SourceCodester Online Timesheet App is a SourceCodester open source web application built with PHP and MySQL designed to simplify time management and task tracking. A cross-site scripting vulnerability exists in version 1.0 of the SourceCodester Online Timesheet App, which stems from a cross-site...

Online Eyewear Shop SQL注入漏洞

Online Eyewear Shop is an online eyewear store by the individual developer Carlo Montero. A SQL injection vulnerability exists in SourceCodester Online Eyewear Shop version 1.0, which originates from an SQL injection issue contained in the id parameter in the /classes/Master.php?f=deletecategory...

Employee and Visitor Gate Pass Logging System SQL注入漏洞

Employee and Visitor Gate Pass Logging System is an employee and visitor pass logging system by Carlo Montero, an individual developer. A SQL injection vulnerability exists in SourceCodester Employee and Visitor Gate Pass Logging System version 1.0, which stems from an SQL injection in the id...

Online Railway Reservation System 跨站脚本漏洞

Online Railway Reservation System is an online railroad reservation system by adminastro individual developers. A cross-site scripting vulnerability exists in SourceCodester Online Railway Reservation System version 1.0, which stems from a cross-site scripting issue with the First Name/Middle...

Sample Blog Site 1.0 Remote File Inclusion

============================================================================================================================================= | Title : Sample Blog Site 1.0 File inclusion Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64...

Simbarashe Financial Services 2.9.0 Insecure Direct Object Reference

==================================================================================================================================== | Title : Simbarashe Financial Services v2.9.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bit...

Simple Online Banking System 1.0 Insecure Settings

============================================================================================================================================= | Title : Simple Online Banking System v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

CVE-2024-9093

A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0. This affects an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to sql injection. It is possible to initiat...

CVE-2024-9092

A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...

CVE-2024-9092

A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...

CVE-2024-9093 SourceCodester Profile Registration without Reload Refresh GET Parameter del.php sql injection

A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0. This affects an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to sql injection. It is possible to initiat...

CVE-2024-9093 SourceCodester Profile Registration without Reload Refresh GET Parameter del.php sql injection

A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0. This affects an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to sql injection. It is possible to initiat...

CVE-2024-9092 SourceCodester Profile Registration without Reload Refresh Registration Form add.php cross site scripting

A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...

CVE-2024-9092 SourceCodester Profile Registration without Reload Refresh Registration Form add.php cross site scripting

A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...

CVE-2024-9089

A vulnerability was found in SourceCodester Modern Loan Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file updateloanrecord.php. The manipulation of the argument amount leads to cross site scripting. The attack may be initiated remotely. Th...

CVE-2024-9090

A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file searchmember.php. The manipulation of the argument searchMember leads to sql injection. It is possible to launch the attack remotely. The...