Lucene search
K
CampcodesOnline Event Management System

5 matches found

CVE
CVE
added 2024/04/09 11:0 p.m.90 views

CVE-2024-3522

Campcodes Online Event Management System 1.0 is affected by a SQL injection in /api/process.php via the userId parameter. Root cause: improper handling of user-supplied input leads to injection. Impact is described as high for confidentiality, integrity, and availability, with remote exploitation...

8.8CVSS6.8AI score0.00675EPSS
Web
CVE
CVE
added 2024/04/10 12:31 a.m.54 views

CVE-2024-3526

CVE-2024-3526 affects Campcodes Online Event Management System 1.0. An XSS flaw exists in the index.php file where the msg parameter is not properly filtered/escaped, allowing remote injection of arbitrary script code. Several connected sources describe the issue and confirm that the vulnerabilit...

5.4CVSS6.2AI score0.00642EPSS
CVE
CVE
added 2024/04/09 11:0 p.m.49 views

CVE-2024-3523

CVE-2024-3523 is a reported SQL injection in Campcodes Online Event Management System v1.0, triggered by manipulating the ID parameter in the /views/index.php file. The vulnerability is exploitable remotely, with the exploit publicly disclosed. Affects unknown code paths in the identified file; i...

8.8CVSS6.9AI score0.00675EPSS
Web
CVE
CVE
added 2024/04/09 11:31 p.m.49 views

CVE-2024-3524

CVE-2024-3524 affects Campcodes Online Event Management System 1.0. A cross-site scripting flaw arises from unknown processing in /views/process.php where manipulating the name argument enables XSS. The attack can be remote and the exploit has been publicly disclosed. Sources consistently referen...

5.4CVSS6.2AI score0.00494EPSS
CVE
CVE
added 2024/04/10 12:0 a.m.29 views

CVE-2024-3525

CVE-2024-3525 affects Campcodes Online Event Management System 1.0. An XSS vulnerability exists in an unknown function of /views/index.php through the msg parameter, exploitable remotely and with the vulnerability publicly disclosed. Affected impact is consistent with reflected/XSS behavior; expl...

5.4CVSS6.2AI score0.00547EPSS
Web