779 matches found
College Management System Cross-Site Scripting Vulnerability
College Management System is a simple project organized by Code Projects. It is used to keep track of students, teachers, subjects, schedules and all things related to college. A cross-site scripting vulnerability exists in Kashipara College Management System version 1.0, which stems from the...
CVE-2024-5120 SourceCodester Event Registration System sql injection
A vulnerability was found in SourceCodester Event Registration System 1.0. It has been classified as critical. Affected is an unknown function of the file /registrar/?page=registration. The manipulation of the argument e leads to sql injection. It is possible to launch the attack remotely. The...
Event Registration System SQL Injection Vulnerability
Event Registration System is a QR code based event registration system by the individual developer Carlo Montero. An SQL injection vulnerability exists in Event Registration System version 1.0, which originates from an unknown function in /registrar/ that causes SQL injection via the...
Directory Management System SQL Injection Vulnerability
Directory Management System is a directory management system by the individual developer Anuj Kumar. A SQL injection vulnerability exists in Directory Management System version 1.0, which originates from an unknown function in /admin/index.php that causes SQL injection via the parameter username...
Event Registration System Cross-Site Scripting Vulnerability
Event Registration System is a QR code-based event registration system by Carlo Montero, a private developer. A cross-site scripting vulnerability exists in Event Registration System version 1.0, which originates from an unknown function in /registrar/ that leads to cross-site scripting via the...
Directory Management System Cross-Site Scripting Vulnerability
Directory Management System is a directory management system by the individual developer Anuj Kumar. A cross-site scripting vulnerability exists in Directory Management System version 1.0, which stems from an unknown function in /admin/admin-profile.php that results in cross-site scripting...
Event Registration System SQL Injection Vulnerability
Event Registration System is a QR code based event registration system by Carlo Montero, a personal developer. An SQL injection vulnerability exists in Event Registration System version 1.0, which is caused by the presence of an unknown function in /registrar/ that leads to SQL injection via the...
Emlog Pro Code Issue Vulnerability
Emlog is a PHP and MySQL based CMS website builder for emlog individual developers. A code issue vulnerability exists in Emlog Pro version 2.3.4, which stems from an unknown function in the file admin/setting.php that causes unrestricted uploads...
CVE-2024-4966
A vulnerability was found in SourceCodester SchoolWebTech 1.0. It has been classified as critical. Affected is an unknown function of the file /improve/home.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
Faraday GM8181 and Faraday GM828x Information Disclosure Vulnerability
The Faraday GM8181 and Faraday GM828x are both hardware devices from China-based Smartwon Technology Faraday. An information disclosure vulnerability exists in the Faraday GM8181, GM828x, which stems from commandport.ini containing an unknown function that leads to information disclosure...
O2OA Information Disclosure Vulnerability
LanDe Network O2OA is an OA office system from China's LanDe Network. An information disclosure vulnerability exists in O2OA 20240403 and prior versions, which stems from an unknown function in the file /xportal that can lead to information disclosure...
CVE-2024-2927
CVE-2024-2927 affects code-projects Mobile Shop 1.0, specifically the Login Page’s Details.php. The vulnerability is a SQL injection triggered by manipulating the id parameter, with remote-exploitability and a critical impact profile per the sources. Multiple advisories (NVD, Red Hat CVE, CVE lis...
Ruijie Networks RG-NBS2009G-P Authorization Issues Vulnerability
Ruijie Networks RG-NBS2009G-P is a network security product from China's Ruijie Networks that is commonly used as an enterprise-class network border firewall. The Ruijie Networks RG-NBS2009G-P suffers from an authorization issue vulnerability that stems from the inclusion of an unknown function i...
Employee Task Management System Security Vulnerability
Employee Task Management System is an employee task management system by the individual developer Carlo Montero. A security vulnerability exists in Employee Task Management System version 1.0, which originates from an unknown function in /edit-task.php that can be exploited by an attacker to bypass...
CVE-2024-2268 keerti1924 Online-Book-Store-Website unrestricted upload
A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0. It has been classified as critical. Affected is an unknown function of the file /productupdate.php?update=1. The manipulation of the argument updateimage leads to unrestricted upload. It is possible to launch the attack...
House Rental Management System Security Vulnerability
House Rental Management System is a house rental management system by the individual developer Carlo Montero. A security vulnerability exists in House Rental Management System version 1.0, which stems from an unknown function in booking.php/owner.php/tenant.php that results in missing authentication...
PbootCMS Cross-Site Scripting Vulnerability
PbootCMS is an open source enterprise website content management system (CMS) written in PHP by the individual developer PbootCMS. A cross-site scripting vulnerability exists in PbootCMS version 3.2.5-20230421, which stems from the presence of an unknown function in the system that...
Qidianbang qdbcrm Cross-Site Request Forgery Vulnerability
Qidianbang qdbcrm is a customer relationship management platform. A cross-site request forgery vulnerability exists in Qidianbang qdbcrm version 1.1.0, which originates from the inclusion of an unknown function in the component Password Reset, leading to cross-site request forgery...
meetyoucrop big-whale Security Vulnerability
big-whale is a task scheduling platform open-sourced by Meiyu meetyoucrop. A security vulnerability exists in meetyoucrop big-whale version 1.1, which stems from the presence of an unknown function in /auth/user/all.api in the component Admin Module, which leads to ownership mismanagement via the...