329 matches found
CVE-2023-46793 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'day' parameter in the 'register' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-46789 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic1' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-46787 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the auth/auth.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-46787 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the auth/auth.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-46679 Online Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtunameemail' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-46678
This CVE entry is rejected/not used and does not represent an active vulnerability.
CVE-2023-46677
CVE-2023-46677 affects Online Job Portal v1.0. The vulnerability is described as multiple unauthenticated SQL injection flaws caused by the sign‑up.php resource not validating characters in the txt_uname parameter before sending data to the database. The CVSS metrics in the initial document class...
PT-2023-30215 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the username parameter of the "auth/auth.php" resource does not validate the characters received and they are...
PT-2023-30224 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the name parameter in the register function of the functions.php file is vulnerable. Recommendations: For Onli...
PT-2023-30221 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the email parameter in the register function of the functions.php file is vulnerable. Recommendations: For...
PT-2023-30219 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the filename attribute of the pic4 multipart parameter is vulnerable. Recommendations: For Online Matrimonial...
CVE-2023-45347
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'verified' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45338
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the routers/add-ticket.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45345
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'deleted' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45345
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'deleted' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45343
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'ticketid' parameter of the routers/ticket-message.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45343
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'ticketid' parameter of the routers/ticket-message.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45341
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'price' parameter of the routers/menu-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45336
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the routers/router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45338
The CVE-2023-45338 entry concerns Online Food Ordering System v1.0, with multiple unauthenticated SQL Injection flaws in the routers/add-ticket.php id parameter. The root cause is insufficient input validation, sending unfiltered input to the database. Documented impact is high on confidentiality...