17 matches found
CVE-2024-7309
SourceCodester Record Management System 1.0 has a cross-site scripting vulnerability in entry.php via the school parameter. The issue can be exploited remotely, and public disclosures (VDB-273201) exist. Multiple connected sources confirm the vulnerability specifics, but no product patch/version ...
CVE-2024-6904
CVE-2024-6904 affects SourceCodester Record Management System 1.0; the vulnerability is in the sort2_user.php file where manipulating the qualification argument enables SQL injection. It is exploitable remotely and publicly disclosed. Connected sources corroborate remote exploitability and a SQL ...
CVE-2024-6905
The CVE-2024-6905 entry concerns SourceCodester Record Management System 1.0. It affects the code path in the file view_info_user.php, where manipulating the id argument leads to SQL injection. The vulnerability can be triggered remotely, and the exploit has been disclosed publicly. Multiple sour...
CVE-2024-6902
CVE-2024-6902 affects SourceCodester Record Management System 1.0, specifically the sort_user.php file. The vulnerability arises from manipulating the sort parameter, resulting in a SQL injection that can be triggered remotely. The exploit has been publicly disclosed. Documents consistently descr...
CVE-2024-6906
CVE-2024-6906 affects SourceCodester Record Management System v1.0. The vulnerability is in add_leave_non_user.php where manipulation of the LSS parameter leads to SQL injection, exploitable remotely (no user interaction). Multiple sources confirm the issue and that exploit information is publicl...
CVE-2024-6903
CVE-2024-6903 affects SourceCodester Record Management System 1.0, with a vulnerability in the file sort1_user.php where manipulating the position argument enables SQL injection. The issue is exploitable remotely, and multiple sources indicate an active exploit/disclosure. Root cause: improper ha...
CVE-2024-6954
SourceCodester Record Management System 1.0 contains a cross-site scripting (XSS) vulnerability in sort1.php caused by improper handling of the position argument. The vulnerability allows remote attackers to inject scripts, with exploitation requiring user interaction in some CVE views, and the a...
CVE-2024-7310
Affected product: SourceCodester Record Management System 1.0. Vulnerable component: sort_user.php (via the sort parameter). Root cause: lack of input validation/escaping allowing cross-site scripting (XSS). Impact: remote attacker can manipulate the sort value to inject script; exploitation is p...
CVE-2024-6907
CVE-2024-6907 affects SourceCodester Record Management System 1.0, specifically the sort.php file where manipulation of the sort argument enables cross-site scripting (XSS). The vulnerability can be triggered remotely and has been disclosed publicly. Connected sources provide concrete details: vu...
CVE-2024-6898
CVE-2024-6898 affects SourceCodester Record Management System 1.0. The vulnerability is a SQL injection in an unknown part of the file index.php caused by manipulation of the UserName argument. It can be triggered remotely, and multiple sources indicate public disclosure of the exploit. The explo...
CVE-2024-6901
CVE-2024-6901 affects SourceCodester Record Management System 1.0, specifically the unknown function in entry.php. The vulnerability arises from SQL injection triggered by manipulating the school parameter, allowing remote exploitation. Public disclosure of the exploit is noted (VDB-271926). Mult...
CVE-2024-6899
The CVE-2024-6899 entry concerns SourceCodester Record Management System 1.0. Affected component: view_info.php; vulnerability arises from manipulating the id argument to cause SQL injection. Impact is described as remote attacker capability with potential high confidentiality, integrity, and ava...
CVE-2024-6900
CVE-2024-6900 affects SourceCodester Record Management System 1.0. The vulnerability is a SQL injection in the file edit_emp.php, triggered by manipulating the id argument. Exploitation appears possible remotely and the exploit has been disclosed publicly. Other connected documents confirm the is...
CVE-2024-6955
CVE-2024-6955 concerns SourceCodester Record Management System 1.0, specifically an issue in the file sort2.php where manipulating the (qualification/argument) enables cross-site scripting. The connected sources confirm remote exploitation and that the exploit has been publicly disclosed. Affecte...
CVE-2024-8136
CVE-2024-8136 affects SourceCodester Record Management System 1.0, with a cross-site scripting vulnerability in the sort1_user.php file. The root cause is manipulation of the position argument, enabling a remote attack. Exploitation has been disclosed publicly. There is no confirmed patch/version...
CVE-2024-8137
CVE-2024-8137 pertains to SourceCodester Record Management System 1.0. The vulnerability is in the file search_user.php where the search parameter manipulation leads to cross-site scripting (XSS) . The issue is described as exploitable remotely, and public disclosures exist. Connected documents c...
CVE-2024-9810
CVE-2024-9810 affects SourceCodester Record Management System 1.0. The vulnerability resides in the file sort2_user.php where manipulation of the qualification parameter enables cross-site scripting. The issue can be exploited remotely, and public exploit information exists. Documents provide no ...