7831 matches found

Packet Storm
added 2021/01/05 12:0 a.m., 492 views

Online Movie Streaming 1.0 SQL Injection

Exploit Title: Online Movie Streaming 1.0 - Authentication Bypass Date: 2020-12-27 Exploit Author: Kshitiz Raj manitorpotterk Vendor Homepage: https://www.sourcecodester.com/php/14640/online-movie-streaming-php-full-source-code.html Software Link:...

0.7 AI score
Exploits: 0

Packet Storm
added 2021/01/05 12:0 a.m., 294 views

House Rental And Property Listing 1.0 Cross Site Scripting

Exploit Title: House Rental and Property Listing 1.0 - Multiple Stored XSS Tested on: Windows 10 Exploit Author: Mohamed habib Smidi Craniums Date: 2020-12-28 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.html...

7.4 AI score
Exploits: 0

NVD
added 2020/12/23 6:15 p.m., 8 views

CVE-2020-28070

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in viewevent.php via the 'id' parameter...

9.8 CVSS, 10 AI score, 0.04216 EPSS
Exploits: 2, References: 1

NVD
added 2020/12/23 6:15 p.m., 10 views

CVE-2020-28073

SourceCodester Library Management System 1.0 is affected by SQL Injection allowing an attacker to bypass the user authentication and impersonate any user on the system...

9.8 CVSS, 10 AI score, 0.00842 EPSS
Exploits: 2, References: 2

NVD
added 2020/12/23 6:15 p.m., 10 views

CVE-2020-28074

SourceCodester Online Health Care System 1.0 is affected by SQL Injection which allows a potential attacker to bypass the authentication system and become an admin...

9.8 CVSS, 10 AI score, 0.00842 EPSS
Exploits: 1, References: 2

Prion
added 2020/12/23 6:15 p.m., 11 views

Sql injection

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in viewevent.php via the 'id' parameter...

7.5 CVSS, 10 AI score, 0.04216 EPSS
Exploits: 2, References: 1, Affected Software: 1

Prion
added 2020/12/23 6:15 p.m., 13 views

Sql injection

SourceCodester Online Health Care System 1.0 is affected by SQL Injection which allows a potential attacker to bypass the authentication system and become an admin...

7.5 CVSS, 9.9 AI score, 0.00842 EPSS
Exploits: 1, References: 2, Affected Software: 1

Prion
added 2020/12/23 6:15 p.m., 14 views

Sql injection

SourceCodester Library Management System 1.0 is affected by SQL Injection allowing an attacker to bypass the user authentication and impersonate any user on the system...

7.5 CVSS, 9.9 AI score, 0.00842 EPSS
Exploits: 2, References: 2, Affected Software: 1

CVE
added 2020/12/23 5:54 p.m., 52 views

CVE-2020-28074

CVE-2020-28074 affects SourceCodester Online Health Care System 1.0. The vulnerability is SQL Injection in the login/authentication flow, enabling bypass of authentication and potential admin access. Public exploit details exist (Packet Storm) showing authentication bypass via crafted SQL in logi...

9.8 CVSS, 9.9 AI score, 0.00842 EPSS
Exploits: 1, References: 2, Affected Software: 1

Cvelist
added 2020/12/23 5:54 p.m., 7 views

CVE-2020-28073

SourceCodester Library Management System 1.0 is affected by SQL Injection allowing an attacker to bypass the user authentication and impersonate any user on the system...

10 AI score, 0.00842 EPSS
Exploits: 2, References: 2

CVE
added 2020/12/23 5:54 p.m., 60 views

CVE-2020-28073

CVE-2020-28073 affects SourceCodester Library Management System 1.0. The vulnerability is a SQL injection in the login/authentication flow that allows an attacker to bypass authentication and impersonate any user. The attack is demonstrated in public references (e.g., PacketStorm) with a repro sh...

9.8 CVSS, 9.9 AI score, 0.00842 EPSS
Exploits: 2, References: 2, Affected Software: 1

CVE
added 2020/12/23 5:54 p.m., 48 views

CVE-2020-28071

SourceCodester Alumni Management System 1.0 is affected by a Stored Cross-Site Scripting (XSS) in /admin/gallery.php. After admin authentication, an attacker can supply an XSS payload in the description field named “about” when uploading a gallery image, triggering stored XSS that can affect both...

4.8 CVSS, 4.8 AI score, 0.00288 EPSS
Exploits: 2, References: 1, Affected Software: 1

Cvelist
added 2020/12/23 5:54 p.m., 15 views

CVE-2020-28070

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in viewevent.php via the 'id' parameter...

10 AI score, 0.04216 EPSS
Exploits: 2, References: 1

CVE
added 2020/12/23 5:54 p.m., 63 views

CVE-2020-28070

The CVE-2020-28070 entry affects SourceCodester Alumni Management System 1.0. A SQL injection vulnerability exists in view_event.php via the GET parameter id, enabling arbitrary remote code execution. Public sources (e.g., PacketStorm) describe blind SQL injection exploitable through the id param...

9.8 CVSS, 9.9 AI score, 0.04216 EPSS
Exploits: 2, References: 1, Affected Software: 1

Exploit DB
added 2020/12/23 12:0 a.m., 195 views

Class Scheduling System 1.0 - Multiple Stored XSS

Exploit Title: Class Scheduling System 1.0 - Multiple Stored XSS Exploit Author: Aakash Madaan Godsky Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/5175/class-scheduling-system.html Software Link:...

7.4 AI score
Exploits: 0

Exploit DB
added 2020/12/23 12:0 a.m., 215 views

Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS

Exploit Title: Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS Exploit Author: Vijay Sachdeva pwnshell Date: 2020-12-23 Vendor Homepage: https://www.sourcecodester.com/php/11238/sales-and-inventory-system-grocery-store.html Software Link:...

7.4 AI score
Exploits: 0

Check Point Advisories
added 2020/12/22 12:0 a.m., 3 views

SourceCodester Sales and Inventory System SQL Injection (CVE-2020-28133)

An SQL injection vulnerability exists in SourceCodester Sales and Inventory System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5 CVSS, 5.7 AI score, 0.00914 EPSS
Exploits: 1

Exploit DB
added 2020/12/18 12:0 a.m., 194 views

Alumni Management System 1.0 - Unrestricted File Upload To RCE

Exploit Title: Alumni Management System 1.0 - Unrestricted File Upload To RCE Exploit Author: Aakash Madaan Date: 2020-12-17 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...

7.4 AI score
Exploits: 0

Packet Storm
added 2020/12/17 12:0 a.m., 206 views

Online Health Card System 1.0 SQL Injection

Exploit Title: Authentication Bypass via SQL injection on Online Health Care System 1.0 Date: 23/10/2020 Exploit Author: Valerio Alessandroni Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14526/online-health-care-system-php-full-source-code-...

0.1 AI score, 0.00842 EPSS
Exploits: 1

CNNVD
added 2020/12/17 12:0 a.m., 2 views

Sourcecodester SourceCodester Online Library Management System SQL Injection Vulnerability

SourceCodester Online Library Management System is an online library management system from SourceCodester, Inc. in the United States. A SQL injection vulnerability exists in SourceCodester Online Library Management System 1.0, which allows an attacker to bypass user authentication and emulate...

9.8 CVSS, 7.4 AI score, 0.00842 EPSS
Exploits: 2, References: 4