Lucene search
K
JkevRecord Management System

17 matches found

CVE
CVE
added 2024/07/31 9:31 a.m.63 views

CVE-2024-7309

SourceCodester Record Management System 1.0 has a cross-site scripting vulnerability in entry.php via the school parameter. The issue can be exploited remotely, and public disclosures (VDB-273201) exist. Multiple connected sources confirm the vulnerability specifics, but no product patch/version ...

5.4CVSS3.8AI score0.00438EPSS
CVE
CVE
added 2024/07/19 8:31 a.m.58 views

CVE-2024-6904

CVE-2024-6904 affects SourceCodester Record Management System 1.0; the vulnerability is in the sort2_user.php file where manipulating the qualification argument enables SQL injection. It is exploitable remotely and publicly disclosed. Connected sources corroborate remote exploitability and a SQL ...

8.8CVSS6.8AI score0.00532EPSS
CVE
CVE
added 2024/07/19 9:0 a.m.58 views

CVE-2024-6905

The CVE-2024-6905 entry concerns SourceCodester Record Management System 1.0. It affects the code path in the file view_info_user.php, where manipulating the id argument leads to SQL injection. The vulnerability can be triggered remotely, and the exploit has been disclosed publicly. Multiple sour...

8.8CVSS6.9AI score0.00566EPSS
CVE
CVE
added 2024/07/19 7:31 a.m.57 views

CVE-2024-6902

CVE-2024-6902 affects SourceCodester Record Management System 1.0, specifically the sort_user.php file. The vulnerability arises from manipulating the sort parameter, resulting in a SQL injection that can be triggered remotely. The exploit has been publicly disclosed. Documents consistently descr...

8.8CVSS6.9AI score0.00545EPSS
CVE
CVE
added 2024/07/19 9:31 a.m.57 views

CVE-2024-6906

CVE-2024-6906 affects SourceCodester Record Management System v1.0. The vulnerability is in add_leave_non_user.php where manipulation of the LSS parameter leads to SQL injection, exploitable remotely (no user interaction). Multiple sources confirm the issue and that exploit information is publicl...

8.8CVSS6.9AI score0.00532EPSS
CVE
CVE
added 2024/07/19 8:0 a.m.56 views

CVE-2024-6903

CVE-2024-6903 affects SourceCodester Record Management System 1.0, with a vulnerability in the file sort1_user.php where manipulating the position argument enables SQL injection. The issue is exploitable remotely, and multiple sources indicate an active exploit/disclosure. Root cause: improper ha...

8.8CVSS6.8AI score0.00545EPSS
CVE
CVE
added 2024/07/21 12:31 p.m.55 views

CVE-2024-6954

SourceCodester Record Management System 1.0 contains a cross-site scripting (XSS) vulnerability in sort1.php caused by improper handling of the position argument. The vulnerability allows remote attackers to inject scripts, with exploitation requiring user interaction in some CVE views, and the a...

6.1CVSS3.8AI score0.00428EPSS
CVE
CVE
added 2024/07/19 10:0 a.m.54 views

CVE-2024-6907

CVE-2024-6907 affects SourceCodester Record Management System 1.0, specifically the sort.php file where manipulation of the sort argument enables cross-site scripting (XSS). The vulnerability can be triggered remotely and has been disclosed publicly. Connected sources provide concrete details: vu...

5.4CVSS3.8AI score0.00447EPSS
CVE
CVE
added 2024/07/31 10:0 a.m.54 views

CVE-2024-7310

Affected product: SourceCodester Record Management System 1.0. Vulnerable component: sort_user.php (via the sort parameter). Root cause: lack of input validation/escaping allowing cross-site scripting (XSS). Impact: remote attacker can manipulate the sort value to inject script; exploitation is p...

6.1CVSS3.9AI score0.00453EPSS
CVE
CVE
added 2024/07/19 3:31 a.m.52 views

CVE-2024-6898

CVE-2024-6898 affects SourceCodester Record Management System 1.0. The vulnerability is a SQL injection in an unknown part of the file index.php caused by manipulation of the UserName argument. It can be triggered remotely, and multiple sources indicate public disclosure of the exploit. The explo...

9.8CVSS7.5AI score0.00604EPSS
CVE
CVE
added 2024/07/19 7:0 a.m.52 views

CVE-2024-6901

CVE-2024-6901 affects SourceCodester Record Management System 1.0, specifically the unknown function in entry.php. The vulnerability arises from SQL injection triggered by manipulating the school parameter, allowing remote exploitation. Public disclosure of the exploit is noted (VDB-271926). Mult...

8.8CVSS7.7AI score0.00545EPSS
CVE
CVE
added 2024/07/19 5:0 a.m.51 views

CVE-2024-6899

The CVE-2024-6899 entry concerns SourceCodester Record Management System 1.0. Affected component: view_info.php; vulnerability arises from manipulating the id argument to cause SQL injection. Impact is described as remote attacker capability with potential high confidentiality, integrity, and ava...

9.8CVSS6.9AI score0.00607EPSS
CVE
CVE
added 2024/07/19 6:31 a.m.50 views

CVE-2024-6900

CVE-2024-6900 affects SourceCodester Record Management System 1.0. The vulnerability is a SQL injection in the file edit_emp.php, triggered by manipulating the id argument. Exploitation appears possible remotely and the exploit has been disclosed publicly. Other connected documents confirm the is...

8.8CVSS6.9AI score0.00545EPSS
CVE
CVE
added 2024/07/21 1:0 p.m.50 views

CVE-2024-6955

CVE-2024-6955 concerns SourceCodester Record Management System 1.0, specifically an issue in the file sort2.php where manipulating the (qualification/argument) enables cross-site scripting. The connected sources confirm remote exploitation and that the exploit has been publicly disclosed. Affecte...

6.1CVSS3.8AI score0.00455EPSS
CVE
CVE
added 2024/08/24 10:0 p.m.49 views

CVE-2024-8136

CVE-2024-8136 affects SourceCodester Record Management System 1.0, with a cross-site scripting vulnerability in the sort1_user.php file. The root cause is manipulation of the position argument, enabling a remote attack. Exploitation has been disclosed publicly. There is no confirmed patch/version...

6.1CVSS3.8AI score0.00401EPSS
CVE
CVE
added 2024/08/24 11:0 p.m.46 views

CVE-2024-8137

CVE-2024-8137 pertains to SourceCodester Record Management System 1.0. The vulnerability is in the file search_user.php where the search parameter manipulation leads to cross-site scripting (XSS) . The issue is described as exploitable remotely, and public disclosures exist. Connected documents c...

6.1CVSS3.9AI score0.00386EPSS
CVE
CVE
added 2024/10/10 8:0 p.m.43 views

CVE-2024-9810

CVE-2024-9810 affects SourceCodester Record Management System 1.0. The vulnerability resides in the file sort2_user.php where manipulation of the qualification parameter enables cross-site scripting. The issue can be exploited remotely, and public exploit information exists. Documents provide no ...

6.1CVSS4AI score0.00418EPSS