Insecure Direct Object Reference (IDOR)
in2code/femanager is vulnerable to Insecure Direct Object Reference (IDOR). The vulnerability is due to improper access control on the user parameter in the newAction method of the newController, which allows attackers to manipulate the parameter to access data of other frontend users...
CVE-2021-37193
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. An unauthenticated attacker in the same network of the affected system could manipulate certain parameters and set a valid user of the affected software as invalid or vice-versa...
SourceCodester Clinics Patient Management System SQL Injection Vulnerability
SourceCodester Clinics Patient Management System is a clinic patient management system from SourceCodester, Inc. A SQL injection vulnerability exists in SourceCodester Clinics Patient Management System version 1.0, which stems from an incorrect manipulation of the parameter username that can lead...
SQL injection
A vulnerability was found in SourceCodester User Registration and Login System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument user leads to SQL injection. The attack may be launched remotely...