CVE-2023-1294

A vulnerability was found in SourceCodester File Tracker Manager System 1.0. It has been classified as critical. Affected is an unknown function of the file /filemanager/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. It is...

CVE-2023-0964

A vulnerability classified as critical has been found in SourceCodester Sales Tracker Management System 1.0. Affected is an unknown function of the file admin/products/viewproduct.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...

CVE-2023-1292

A vulnerability has been found in SourceCodester Sales Tracker Management System 1.0 and classified as critical. This vulnerability affects the function deleteclient of the file classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. T...

CVE-2023-0986

A vulnerability classified as critical has been found in SourceCodester Sales Tracker Management System 1.0. This affects an unknown part of the file admin/?page=user/manageuser of the component Edit User. The manipulation of the argument id leads to sql injection. It is possible to initiate the...

CVE-2023-32066

Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...

CVE-2023-32308

anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...

CVE-2023-1290

A vulnerability, which was classified as critical, has been found in SourceCodester Sales Tracker Management System 1.0. Affected by this issue is some unknown functionality of the file admin/clients/viewclient.php. The manipulation of the argument id leads to sql injection. The attack may be...

CVE-2023-1302

A vulnerability, which was classified as problematic, was found in SourceCodester File Tracker Manager System 1.0. This affects an unknown part of the file normal/borrow1.php. The manipulation of the argument id with the input 1" leads to cross site scripting. It is possible to initiate the attac...

CVE-2023-30111

Medicine Tracker System in PHP 1.0.0 is vulnerable to Cross Site Scripting XSS...

CVE-2023-1464

A vulnerability, which was classified as critical, was found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file Users.php?f=saveuser. The manipulation of the argument firstname/middlename/lastname/username/password leads to improper authentication. It is...

CVE-2023-1785

A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as critical. Affected is an unknown function of the file manageuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifie...

CVE-2023-1291

A vulnerability, which was classified as critical, was found in SourceCodester Sales Tracker Management System 1.0. This affects an unknown part of the file admin/clients/manageclient.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...

CVE-2023-3184

A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=save. The manipulation of the argument firstname/middlename/lastname/username leads to cross sit...

CVE-2023-1689

A vulnerability classified as problematic was found in SourceCodester Earnings and Expense Tracker App 1.0. This vulnerability affects unknown code of the file Master.php?a=saveearning. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The...

CVE-2023-2772

A vulnerability, which was classified as critical, was found in SourceCodester Budget and Expense Tracker System 1.0. Affected is an unknown function of the file /admin/budget/managebudget.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It i...

CVE-2023-5581

A vulnerability classified as problematic was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclos...

CVE-2022-25803

Best Practical Request Tracker RT before 5.0.3 has an Open Redirect via a ticket search...

CVE-2022-25802

Best Practical Request Tracker RT before 4.4.6 and 5.x before 5.0.3 allows XSS via a crafted content type for an attachment...

CVE-2022-24708

Anuko Time Tracker is an open source, web-based time tracking application written in PHP. ttUser.class.php in Time Tracker versions prior to 1.20.0.5646 was not escaping primary group name for display. Because of that, it was possible for a logged in user to modify primary group name with element...

CVE-2022-45033

A cross-site scripting XSS vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field...