22 matches found
CVE-2024-9083
A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file /Admin/add-admin.php. The manipulation of the argument txtfullname leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2022-45224
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in Admin/add-admin.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter...
CVE-2024-9083
A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file /Admin/add-admin.php. The manipulation of the argument txtfullname leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2024-9083
A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file /Admin/add-admin.php. The manipulation of the argument txtfullname leads to cross site scripting. It is possible to initiate the attack remotely. The...
SourceCodester Employee Management System 跨站脚本漏洞
SourceCodester Employee Management System is a SourceCodester open source php-based system for employee performance management. A cross-site scripting vulnerability exists in SourceCodester Employee Management System version 1.0, which stems from an incorrect operation of the parameter txtfullnam...
CVE-2024-4528
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/user-record.php. The manipulation of the argument txtfullname leads to cross site scripting. The attack can ...
CVE-2024-4512
A vulnerability classified as problematic was found in SourceCodester Prison Management System 1.0. This vulnerability affects unknown code of the file /Employee/edit-profile.php. The manipulation of the argument txtfullname/txtdob/txtaddress/txtqualification/cmddept/cmdemployeetype/txtappointmen...
Prison Management System 跨站脚本漏洞
Prison Management System is a prison management system developed by Carlo Montero. A cross-site scripting vulnerability exists in Prison Management System version 1.0, which stems from /Admin/user-record.php containing unknown functionality that leads to cross-site scripting via the txtfullname...
Employee Management System 1.0 - (txtfullname) and (txtphone) SQL Injection Vulnerability
Exploit Title: Employee Management System 1.0 - txtfullname and txtphone SQL Injection Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16999/employee-management-system.html Version: 1.0 Tested on: Debian CVE :...
PT-2024-20424 · Unknown · Employee Management System
Name of the Vulnerable Software and Affected Versions: Employee Management System version 1.0 Description: The issue allows a remote attacker to execute arbitrary SQL commands via the txtfullname and txtphone parameters in the "edit profile.php" component. Recommendations: For Employee Management...
CVE-2024-1007
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file editprofile.php. The manipulation of the argument txtfullname leads to sql injection. It is possible to launch the attack remotely. The explo...
Sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file editprofile.php. The manipulation of the argument txtfullname leads to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2024-1007 SourceCodester Employee Management System edit_profile.php sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file editprofile.php. The manipulation of the argument txtfullname leads to sql injection. It is possible to launch the attack remotely. The explo...
Covid-19 Directory On Vaccination System 跨站脚本漏洞
The Covid-19 Directory On Vaccination System is a COVID-19 information management system by an individual developer in Ndueso Okorie, Nigeria. The system will accurately store and retrieve information about COVID-19 vaccinations in order to control the spread of a pandemic. A cross-site scripting...
PT-2023-16922 · Sourcecodester · Sourcecodester Covid-19 Directory On Vaccination System
Name of the Vulnerable Software and Affected Versions: SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System version 1.0 Description: A vulnerability has been found in the system, classified as problematic, affecting an unknown functionality of the file register.php...
CVE-2022-46096
A Cross site scripting XSS vulnerability in Sourcecodester Online Covid-19 Directory on Vaccination System v1.0 allows attackers to execute arbitrary code via the txtfullname parameter or txtphone parameter to register.php without logging in...
Online Covid-19 Directory on Vaccination System 跨站脚本漏洞
Online Covid-19 Directory on Vaccination System is a new Crown Pneumonia Vaccination System by Ndueso Okorie Personal Developer. A security vulnerability exists in Online Covid-19 Directory on Vaccination System v1.0. An attacker can exploit this vulnerability to execute arbitrary code via the...
CVE-2022-45224
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in Admin/add-admin.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter...
CVE-2022-45223
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /Admin/add-student.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter...
Cross site scripting
Web-Based Student Clearance System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in Admin/add-admin.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter...