85 matches found

CNNVD
added 2024/02/03 12:0 a.m. · 3 views

openBI Code Issues Vulnerabilities

openBI is a big data visualization solution from openBI, Inc. A code issue vulnerability exists in openBI 6.0.3 and earlier versions, which stems from the parameter outimgurl in the file application/controllers/User.php that causes deserialization...

CVSS 9.8 · AI score 7 · EPSS 0.00731
Exploits 0 · References 4

CNNVD
added 2024/01/31 12:0 a.m. · 4 views

SourceCodester QR Code Login System Security Vulnerability

QR Code Login System is a modern authentication QR code solution for rems individual developers. A security vulnerability exists in the SourceCodester QR Code Login System version 1.0, which stems from the fact that add-user.php contains an unknown function that leads to cross-site scripting via...

CVSS 6.1 · AI score 5.6 · EPSS 0.00415
Exploits 0 · References 3

CNNVD
added 2023/12/29 12:0 a.m. · 2 views

Sven gopeak masterlab code issue vulnerability

Sven gopeak masterlab is a Sven open source application. It provides simple and efficient project management tools based on agile development. A code issue vulnerability exists in Sven gopeak masterlab version 3.3.10 and earlier versions; the vulnerability stems from app/ctrl/admin/User.php...

CVSS 9.8 · AI score 6.8 · EPSS 0.00608
Exploits 0 · References 5

ATTACKERKB
added 2023/11/27 9:15 p.m. · 2 views

CVE-2023-49030

SQL Injection vulnerability in 32ns KLive v.2019-1-19 and before allows a remote attacker to obtain sensitive information via a crafted script to the web/user.php component...

CVSS 7.5 · AI score 6 · EPSS 0.00934
Exploits 1 · References 4

OSV
added 2023/11/27 9:15 p.m. · 1 view

CVE-2023-49030

SQL Injection vulnerability in 32ns KLive v.2019-1-19 and before allows a remote attacker to obtain sensitive information via a crafted script to the web/user.php component...

CVSS 7.5 · AI score 5.9 · EPSS 0.00934
Exploits 1 · References 3

OSV
added 2023/11/02 3:15 p.m. · 10 views

CVE-2023-45345

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'deleted' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 9.8 · AI score 5.8
Exploits 0 · References 2

Positive Technologies
added 2023/09/05 12:0 a.m. · 4 views

PT-2023-5425 · Cacti +1 · Cacti +1

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.25
Description: An authenticated SQL injection issue allows authenticated users to perform privilege escalation and remote code execution. The issue resides in the reports user.php file, specifically in the ajax ge...

CVSS 10 · AI score 7.3 · EPSS 0.99826
Exploits 136 · References 210

ATTACKERKB
added 2023/08/11 2:15 p.m. · 1 view

CVE-2020-36034

SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0 allows a remote attacker to execute arbitrary code, escalate privileges, and gain sensitive information via a crafted payload to the id parameter in manageuser.php...

CVSS 9.8 · AI score 6.2 · EPSS 0.01339
Exploits 1 · References 4

CNNVD
added 2023/08/03 12:0 a.m. · 2 views

emlog SQL Injection Vulnerability

emlog is a PHP and MySQL based CMS builder for emlog personal developers. A SQL injection vulnerability exists in emlog version 2.1.9, which stems from the lack of validation of externally entered SQL statements in the file /admin/user.php. An attacker can exploit this vulnerability to execute...

CVSS 7.2 · AI score 8.1 · EPSS 0.02258
Exploits 1 · References 3

OSV
added 2023/06/29 9:15 p.m. · 2 views

CVE-2023-3465

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file user.php of the component HTTP POST Request Handler. The manipulation of the argument title leads to cross site...

CVSS 6.1 · AI score 3.9
Exploits 0 · References 3

Positive Technologies
added 2023/05/12 12:0 a.m. · 2 views

PT-2023-20794 · Sourcecodester · Sourcecodester File Tracker Manager System

Name of the Vulnerable Software and Affected Versions: SourceCodester File Tracker Manager System version 1.0
Description: A vulnerability has been found in the SourceCodester File Tracker Manager System, affecting the file /file manager/admin/save user.php of the component POST Parameter Handler...

CVSS 5.4 · AI score 4.2 · EPSS 0.00592
Exploits 1 · References 5

OSV
added 2023/04/29 12:15 a.m. · 2 views

CVE-2023-2412

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...

CVSS 6.5 · AI score 5.7 · EPSS 0.00526
Exploits 0 · References 3

OSV
added 2023/04/18 1:15 p.m. · 4 views

CVE-2023-2149

A vulnerability classified as critical was found in Campcodes Online Thesis Archiving System 1.0. This vulnerability affects unknown code of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVSS 9.8 · AI score 6.5 · EPSS 0.00766
Exploits 1 · References 3

Positive Technologies
added 2023/04/02 12:0 a.m. · 2 views

PT-2023-17249 · Sourcecodester · Sourcecodester Simple Task Allocation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Task Allocation System version 1.0
Description: A critical issue has been found in the manage user.php file, where the manipulation of the id argument leads to sql injection. This issue can be exploited remotely. The...

CVSS 9.8 · AI score 7.5 · EPSS 0.00608
Exploits 0 · References 7

Vulnrichment
added 2023/03/09 12:0 a.m. · 6 views

CVE-2023-27207

Online Pizza Ordering System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/manageuser.php...

AI score 9.8 · EPSS 0.00872
Exploits 1 · References 2

CNNVD
added 2023/03/09 12:0 a.m. · 1 view

Best POS Management System SQL Injection Vulnerability

Best POS Management System is a POS management system by Mayuri K., an individual developer. A security vulnerability exists in Best POS Management System version 1.0, which originates from a SQL injection vulnerability via the id parameter in /kruxton/manageuser.php...

CVSS 9.8 · AI score 8.7 · EPSS 0.00788
Exploits 1 · References 3

OSV
added 2022/10/14 6:15 a.m. · 2 views

CVE-2022-41536

Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /saccoshield/manageuser.php...

CVSS 7.2 · AI score 5.8 · EPSS 0.00726
Exploits 1 · References 1

OSV
added 2021/11/08 9:15 p.m. · 3 views

CVE-2021-40261

Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the (1) userusername and (2) category parameters in saveclass.php, the (3) firstname, (4) class, and (5) status parameters in studenttable.php, the (6) category and (7) classname parameters in...

CVSS 6.1 · AI score 6.4
Exploits 0 · References 1

OSV
added 2021/07/22 5:15 p.m. · 5 views

CVE-2021-26230

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to saveuser.php...

CVSS 6.1 · AI score 6.5 · EPSS 0.00872
Exploits 1 · References 1

CNNVD
added 2021/07/22 12:0 a.m. · 4 views

CASAP Automated Enrollment SQL Injection Vulnerability

CASAP Automated Enrollment is an automated enrollment system for the CASAP organization in the United States. The purpose of the project is to provide CASAP with an automated enrollment system to streamline the school process and make it more effective, efficient and easy to retrieve...

CVSS 9.8 · AI score 6.3 · EPSS 0.01476
Exploits 1 · References 2