EUVD-2021-33106

Malicious code in bioql PyPI...

CVE-2025-6872 SourceCodester Simple Company Website SystemSettings.php unrestricted upload

A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely...

CVE-2022-25094

Home Owners Collection Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via the parameter "cover" in SystemSettings.php...

PT-2025-16793 · Unknown · Sourcecodester Online Id Generator System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Online ID Generator System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, exploiting an arbitrary file upload vulnerability. This is achievable through the id...

Prison Management System 1.0 Code Injection

============================================================================================================================================= | Title : Prison Management System v1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...

Queuing Simple Chatbot 1.0 Shell Upload

============================================================================================================================================= | Title : Queuing Simple Chatbot 1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

CVE-2024-8346 SourceCodester Computer Laboratory Management System SystemSettings.php update_settings_info sql injection

A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function updatesettingsinfo of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument name leads to sql injection. It is possible to...

CVE-2024-8346 SourceCodester Computer Laboratory Management System SystemSettings.php update_settings_info sql injection

A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function updatesettingsinfo of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument name leads to sql injection. It is possible to...

CVE-2024-8084 SourceCodester Online Computer and Laptop Store Setting SystemSettings.php cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /php-ocls/classes/SystemSettings.php?f=updatesettings of the component Setting Handler. The manipulation of the argument System Name lea...

Accounting Journal Management System 1.0 Code Injection

============================================================================================================================================= | Title : Accounting Journal Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

CVE-2024-7914

A vulnerability classified as problematic has been found in SourceCodester Yoga Class Registration System 1.0. Affected is an unknown function of the file /php-ycrs/classes/SystemSettings.php. The manipulation of the argument address leads to cross site scripting. It is possible to launch the...

CVE-2024-7914 SourceCodester Yoga Class Registration System SystemSettings.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Yoga Class Registration System 1.0. Affected is an unknown function of the file /php-ycrs/classes/SystemSettings.php. The manipulation of the argument address leads to cross site scripting. It is possible to launch the...

CVE-2024-7914 SourceCodester Yoga Class Registration System SystemSettings.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Yoga Class Registration System 1.0. Affected is an unknown function of the file /php-ycrs/classes/SystemSettings.php. The manipulation of the argument address leads to cross site scripting. It is possible to launch the...

CVE-2024-7677 SourceCodester Car Driving School Management System SystemSettings.php update_settings_info cross site scripting

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is the function updatesettingsinfo of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument contact/address...

CVE-2024-7677

CVE-2024-7677 affects SourceCodester Car Driving School Management System 1.0. The vulnerability is in the function update_settings_info of /classes/SystemSettings.php?f=update_settings, where manipulating the contact/address argument triggers cross-site scripting. It can be exploited remotely, a...

CVE-2024-7677 SourceCodester Car Driving School Management System SystemSettings.php update_settings_info cross site scripting

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is the function updatesettingsinfo of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument contact/address...

Dino Physics School Assistant 跨站脚本漏洞

Dino Physics School Assistant is an application. A cross-site scripting vulnerability exists in Dino Physics School Assistant version 2.3, which stems from unrecognized code in /classes/SystemSettings.php that leads to a cross-site scripting attack via the parameter name...

CVE-2024-4820 SourceCodester Online Computer and Laptop Store unrestricted upload

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/SystemSettings.php?f=updatesettings. The manipulation leads to unrestricted upload. The attack can be...

CVE-2023-38761

Cross Site Scripting XSS vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the systemSettings.php component...

CVE-2023-38761

Cross Site Scripting XSS vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted payload to the systemSettings.php component...