CVE-2024-10808

A vulnerability has been found in code-projects E-Health Care System 1.0 and classified as critical. This vulnerability affects unknown code of the file Admin/reqdetail.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2024-10741

A vulnerability has been found in code-projects E-Health Care System 1.0 and classified as critical. This vulnerability affects unknown code of the file /Users/registration.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has be...

CVE-2024-10655

A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file /pda/reportshop/new.php. The manipulation of the argument repid leads to sql injection. The attack can be initiated remotely. The exploit has been disclose...

CVE-2024-10598 Tongda OA Annual Leave data.php improper authorization

A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be...

CVE-2024-10421

A vulnerability classified as critical was found in SourceCodester Attendance and Payroll System 1.0. This vulnerability affects unknown code of the file /admin/overtimerow.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2024-10279

A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. This vulnerability affects unknown code of the file /com/esafenet/servlet/policy/PrintPolicyService.java. The manipulation of the argument policyId leads to sql injection. The attack can be initiated remotely. The...

CGA-4PXR-GP3Q-9HFV

Bulletin has no description...

Online Shop Store 跨站脚本漏洞

Online Shop Store is an online store system. A cross-site scripting vulnerability exists in Online Shop Store version 1.0, which originates from unknown code in the file /settings.php, where improper manipulation of parameters can lead to cross-site scripting attacks...

CVE-2024-8564

A vulnerability was found in SourceCodester PHP CRUD 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update.php. The manipulation of the argument tblpersonid/firstname/middlename/lastname leads to sql injection. The attack can be initiated...

CVE-2024-8341 SourceCodester Petshop Management System add_user.php unrestricted upload

A vulnerability classified as critical was found in SourceCodester Petshop Management System 1.0. This vulnerability affects unknown code of the file /controllers/adduser.php. The manipulation of the argument avatar leads to unrestricted upload. The attack can be initiated remotely. The exploit h...

CVE-2024-8332 master-nan Sweet-CMS index sql injection

A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been declared as critical. This vulnerability affects unknown code of the file /table/index. The manipulation leads to sql injection. The attack can be initiated remotely. This product is usin...

CVE-2024-8146

A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...

CVE-2024-7753

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /userimages/. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed ...

CVE-2024-7645 SourceCodester Clinics Patient Management System User Page users.php cross-site request forgery

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file users.php of the component User Page. The manipulation leads to cross-site request forgery. The attack can be initiated...

CVE-2024-6935

Form Tools 3.1.1 is affected by a cross-site scripting vulnerability in the User Settings Page, specifically the /admin/clients/ file. The issue is triggered remotely and has publicly disclosed exploit details. Affected component/URL: /admin/clients/ within Form Tools 3.1.1. Root cause and exact ...

PT-2024-26454 · Unknown · Diño Physics School Assistant

Name of the Vulnerable Software and Affected Versions: Diño Physics School Assistant version 2.3 Description: A vulnerability has been discovered that impacts an unidentified code within the file /classes/Master.php?f=delete category. Manipulating the argument id can result in SQL injection...

CVE-2024-5118

A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The...

Hipcam Device 信息泄露漏洞

Hipcam Device is a series of cameras from Hipcam, Inc. An information disclosure vulnerability exists in Hipcam Device 20240511 and earlier versions, where unknown code originating from the file /log/wifi.mac can lead to information disclosure...

CVE-2024-5093

A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The...

Online Birth Certificate Management System 安全漏洞

Online Birth Certificate Management System is an online birth certificate management system by Carlo Montero Individual Developer. A security vulnerability exists in Online Birth Certificate Management System version 1.0, where unknown code originating from file/admin can cause a file or director...