Lucene search
+L

126 matches found

ptsecurity
ptsecurity
added 2024/11/14 12:0 a.m.6 views

PT-2024-34423 · Unknown · Kashipara E-Learning Management System Project

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System Project version 1.0 Description: A SQL Injection issue was found in the /admin/school year.php file, specifically via the school year parameter. This allows for potential exploitation. Recommendations: F...

7.2CVSS7.8AI score0.00379EPSS
Exploits1References3
cve
cve
added 2024/11/14 12:0 a.m.76 views

CVE-2024-50837

CVE-2024-50837 pertains to the Kashipara E-learning Management System Project 1.0. It describes a stored XSS vulnerability in the /admin/admin_user.php endpoint where an attacker can inject scripts via the firstname and username parameters. The CVSS 3.1 base score is 5.4 (Medium) with network att...

5.4CVSS5.7AI score0.00462EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2024/11/01 1:0 a.m.35 views

CVE-2024-10609 itsourcecode Tailoring Management System Project typeadd.php sql injection

A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System Project 1.0. This affects an unknown part of the file typeadd.php. The manipulation of the argument sex leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

6.5CVSS0.00543EPSS
Exploits1References5
packetstorm
packetstorm
added 2024/10/01 12:0 a.m.244 views

Online Tourism Management System 1.0 Insecure Settings

======================================================================================================================================================== | Title : online tourism management system 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser...

7.4AI score
Exploits0
vulnrichment
vulnrichment
added 2024/07/09 12:0 a.m.15 views

CVE-2024-37873

SQL injection vulnerability in viewpayslip.php in Itsourcecode Payroll Management System Project In PHP With Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

9AI score0.00666EPSS
Exploits1References1
nvd
nvd
added 2024/06/17 7:15 p.m.33 views

CVE-2024-37840

SQL injection vulnerability in processscore.php in Itsourcecode Learning Management System Project In PHP With Source Code v1.0 allows remote attackers to execute arbitrary SQL commands via the LessonID parameter...

8.8CVSS0.00539EPSS
Exploits1References1
cnnvd
cnnvd
added 2024/05/17 12:0 a.m.3 views

SourceCodester Online Examination System SQL注入漏洞

SourceCodester Online Examination System is an online examination system from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Online Examination System Project version 1.0, which originates from the parameter email in the file registeracc.php that can lead to SQL...

9.8CVSS7.9AI score0.00746EPSS
Exploits1References5
prion
prion
added 2024/02/27 2:15 a.m.28 views

Sql injection

SQL injection vulnerability in Dynamic Lab Management System Project in PHP v.1.0 allows a remote attacker to execute arbitrary code via a crafted script...

8.6AI score0.00739EPSS
Exploits0References1
cve
cve
added 2023/12/20 8:29 p.m.41 views

CVE-2023-48434

CVE-2023-48434 affects Online Voting System Project v1.0. The reg_action.php resource’s username parameter does not validate input, sending unfiltered data to the database and allowing unauthenticated SQL injection. Multiple connected sources corroborate this vulnerability, consistently describin...

9.8CVSS10AI score0.00666EPSS
Exploits0References2Affected Software1
cve
cve
added 2023/06/29 12:0 a.m.46 views

CVE-2023-34487

The CVE-2023-34487 entry is confirmed with concrete details in connected data: itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection via the login password input field. An external GitHub exploit demonstrates a time-based blind SQL injection against the ...

9.8CVSS9.9AI score0.00857EPSS
Exploits1References1Affected Software1
nvd
nvd
added 2023/06/21 1:15 p.m.32 views

CVE-2023-33584

Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection SQLI attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the username and password fields during the login process...

9.8CVSS9.9AI score0.14242EPSS
Exploits5References5
cve
cve
added 2023/06/21 12:0 a.m.88 views

CVE-2023-33584

Enrollment System Project V1.0 from Sourcecodester is vulnerable to SQL Injection in the login flow (username/password inputs) that can bypass authentication and gain unauthorized access. Root cause: improper validation/sanitization of input in login queries. Public exploits exist (e.g., Exploit-...

9.8CVSS9.8AI score0.14242EPSS
Exploits5References5Affected Software1
cnnvd
cnnvd
added 2023/06/04 12:0 a.m.10 views

Enrollment System Project SQL注入漏洞

Enrollment System Project is an enrollment system project by Carlo Montero Individual Developer. A security vulnerability exists in version 1.0 of Enrollment System Project that stems from the presence of a SQL injection vulnerability...

9.8CVSS8.5AI score0.14242EPSS
Exploits5References6
osv
osv
added 2023/02/27 4:15 p.m.7 views

CVE-2023-23158

A stored cross-site scripting XSS vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter on the enquiry page...

5.4CVSS5.9AI score0.00561EPSS
Exploits1References3
cve
cve
added 2023/02/27 12:0 a.m.53 views

CVE-2023-23158

CVE-2023-23158 refers to a stored cross-site scripting (XSS) vulnerability in the Art Gallery Management System Project v1.0. The issue allows an attacker to execute arbitrary web scripts or HTML by injecting a crafted payload into the message parameter on the enquiry page. The PT-2023-18865 entr...

5.4CVSS5.2AI score0.00561EPSS
Exploits1References3Affected Software1
cve
cve
added 2023/02/27 12:0 a.m.49 views

CVE-2023-23157

Affected software: Art Gallery Management System Project v1.0. The vulnerability is a stored XSS in the fullname parameter on the enquiry page, caused by unsanitized input. Impact described: attackers can execute arbitrary web scripts/HTML; potential data theft or session compromise. Remediation ...

5.4CVSS5.2AI score0.00561EPSS
Exploits1References3Affected Software1
cnvd
cnvd
added 2022/11/24 12:0 a.m.36 views

Billing System Project getOrderReport.php SQL Injection Vulnerability

Billing System Project is a billing system project by Mayuri K. Individual developer. Billing System Project v1.0 suffers from a SQL injection vulnerability that stems from a lack of validation of the endDate parameter in getOrderReport.php against an externally entered SQL statement. An attacker...

9.8CVSS9.6AI score0.00871EPSS
Exploits0References1
osv
osv
added 2022/11/23 3:15 a.m.5 views

CVE-2022-43213

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editorder.php...

9.8CVSS5.8AI score0.00787EPSS
Exploits0References2
nvd
nvd
added 2022/11/23 3:15 a.m.12 views

CVE-2022-43213

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editorder.php...

9.8CVSS0.00787EPSS
Exploits0References2
prion
prion
added 2022/11/23 3:15 a.m.16 views

Sql injection

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editorder.php...

7.5CVSS9.7AI score0.00787EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder