22 matches found
CVE-2024-33968
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in...
CVE-2024-33988
CVE-2024-33988 affects School Attendance Monitoring System and School Event Management System (version 1.0). The vulnerability is a Cross-Site Scripting (XSS) in the /report/attendance_print.php endpoint, exploitable via crafted values in Attendance, attenddate, and YearLevel parameters to cause ...
CVE-2024-33988 Cross-Site Scripting (XSS) vulnerability in Janobe products
Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate' and...
CVE-2024-33987 Cross-Site Scripting (XSS) vulnerability in Janobe products
Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate', 'YearLevel...
CVE-2024-33987
The CVE-2024-33987 entry describes a Cross-Site Scripting (XSS) vulnerability in Janobe’s School Attendance Monitoring System and School Event Management System (version 1.0). The issue allows an attacker to craft a URL targeting parameters such as Attendance, attenddate, YearLevel, eventdate, ev...
CVE-2024-33984 Cross-Site Scripting (XSS) vulnerability in Janobe products
Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate' and...
CVE-2024-33983 Cross-Site Scripting (XSS) vulnerability in Janobe products
Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate' and...
CVE-2024-33973
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in...
CVE-2024-33968
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in...
CVE-2024-33967
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in 'Attendance' and 'YearLeve...
CVE-2024-33973 SQL injection in Janobe products
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in...
CVE-2024-33973 SQL injection in Janobe products
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in...
CVE-2024-33968
CVE-2024-33968 describes a SQL injection in the PayPal, Credit Card and Debit Card Payment app (version 1.0) from Janobe. The vulnerability is exploitable via the AttendanceMonitoring/report/index.php endpoint, specifically through the Attendance and YearLevel parameters, allowing retrieval of da...
CVE-2024-33968 SQL injection in Janobe products
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in...
CVE-2024-33968 SQL injection in Janobe products
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in...
CVE-2024-33967 SQL injection in Janobe products
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in 'Attendance' and 'YearLeve...
CVE-2024-33967
CVE-2024-33967 describes an SQL injection in the PayPal, Credit Card and Debit Card Payment system (version 1.0) by targeting the /AttendanceMonitoring/report/attendance_print.php endpoint. An attacker can craft a query via the view parameter to retrieve all data stored in the system, specificall...
CVE-2024-33967 SQL injection in Janobe products
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in 'Attendance' and 'YearLeve...
PT-2024-25605 · Paypal · Paypal
Name of the Vulnerable Software and Affected Versions: PayPal, Credit Card and Debit Card Payment version 1.0 Description: The issue allows an attacker to exploit a SQL injection vulnerability by sending a specially crafted query to the server. This can lead to the retrieval of all information...
PT-2024-25600 · Paypal · Paypal
Name of the Vulnerable Software and Affected Versions: PayPal, Credit Card and Debit Card Payment version 1.0 Description: The issue allows an attacker to exploit a SQL injection vulnerability by sending a specially crafted query to the server. This can lead to the retrieval of all information...