62 matches found
CVE-2026-14691
CVE-2026-14691 affects SourceCodester Multi-Vendor Online Grocery Management System 1.0. The vulnerability resides in the function update_settings_info of the file classes/SystemSettings.php (Setting Handler). Manipulating the argument content[] enables code injection. The attack is described as ...
CVE-2023-38761
Cross Site Scripting XSS vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the systemSettings.php component...
PHP SPM 1.0 Code Injection
============================================================================================================================================= | Title : php spm 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits ...
Online Traffic Offense 1.0 CSRF / Arbitrary File Upload
============================================================================================================================================= | Title : Online Traffic Offense 1.0 Auth by Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3...
Water Billing Management System 1.0 Cross Site Request Forgery / File Upload
============================================================================================================================================= | Title : Water Billing Management System 1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0....
CVE-2024-8084
A vulnerability, which was classified as problematic, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /php-ocls/classes/SystemSettings.php?f=updatesettings of the component Setting Handler. The manipulation of the argument System Name lea...
CVE-2024-8084 SourceCodester Online Computer and Laptop Store Setting SystemSettings.php cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /php-ocls/classes/SystemSettings.php?f=updatesettings of the component Setting Handler. The manipulation of the argument System Name lea...
CVE-2024-35351
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=updatesettings. Manipulating the parameter name results in cross-site scripting...
CVE-2024-35351
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=updatesettings. Manipulating the parameter name results in cross-site scripting...
PT-2024-25472 · Sourcecodester · Sourcecodester Computer Laboratory Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Laboratory Management System version 1.0 Description: A vulnerability was found in the SourceCodester Computer Laboratory Management System, affecting unknown code of the file /classes/SystemSettings.php?f=update...
Multi-Vendor Online Groceries Management System 1.0 - Remote Code Execution Exploit
Exploit Title: Multi-Vendor Online Groceries Management System 1.0 - Remote Code Execution RCE Date: 4/23/2023 Author: Or4nG.M4n Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
CVE-2023-27666
Auto Dealer Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the name parameter at /classes/SystemSettings.php?f=updatesettings...
Fedora: Security Advisory for plasma-systemsettings (FEDORA-2023-e31c3e4b6c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
March 28, 2022—KB5011563 (OS Build 22000.593) Preview
None None...
Remote code execution
Home Owners Collection Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via the parameter "cover" in SystemSettings.php...
Cab Management System 1.0 Remote Code Execution
Exploit Title: Cab Management System 1.0 - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.sourcecodester.com/php/15180/cab-management-system-phpoop-free-source-code.html Version : 1.0 Tested on: windows 10 xammp | Kali...
Cab Management System 1.0 - Remote Code Execution (Authenticated) Vulnerability
Exploit Title: Cab Management System 1.0 - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.sourcecodester.com/php/15180/cab-management-system-phpoop-free-source-code.html Version : 1.0 Tested on: windows 10 xammp | Kali...
Home Owners Collection Management System 1.0 Shell Upload
Exploit Title: Home Owners Collection Management System 1.0 - Remote Code Execution RCE Authenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Online Railway Reservation System 1.0 Cross Site Scripting
Exploit Title: Online Railway Reservation System 1.0 - 'Multiple' Stored Cross Site Scripting XSS Unauthenticated Date: 07/01/2022 Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Softwar...
Online Railway Reservation System 1.0 - (Multiple) Stored Cross Site Scripting Vulnerability
Exploit Title: Online Railway Reservation System 1.0 - 'Multiple' Stored Cross Site Scripting XSS Unauthenticated Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...