11 matches found
CVE-2024-3225
The CVE-2024-3225 entry concerns SourceCodester PHP Task Management System 1.0, where the vulnerability resides in edit-task.php. The issue stems from manipulation of the task_id argument, leading to SQL injection. It can be exploited remotely and the exploit has been disclosed publicly. Multiple...
CVE-2024-3224
CVE-2024-3224 affects SourceCodester PHP Task Management System 1.0, with a vulnerability in the file task-details.php where manipulating the task_id parameter leads to SQL injection. This is a network-accessible issue reported as critical, with public disclosure of exploits per the NVD entry. Th...
CVE-2024-3223
CVE-2024-3223 affects SourceCodester PHP Task Management System 1.0. The vulnerability resides in the unknown function within the file admin-manage-user.php , where manipulating the parameter admin_id leads to SQL injection . It can be exploited remotely, and public disclosures exist. Connected s...
CVE-2024-3221
CVE-2024-3221 affects SourceCodester PHP Task Management System 1.0, with a vulnerability in attendance-info.php where manipulating the user_id parameter leads to SQL injection. The issue can be exploited remotely and has public disclosure; associated references indicate a high/critical risk depe...
CVE-2024-29303
CVE-2024-29303 affects SourceCodester PHP Task Management System 1.0. The delete admin users function is vulnerable to SQL Injection, with an attacker-controlled admin_id parameter (GET). Public references show a crafted exploit attempting SQL manipulation, indicating potential data disclosure/mo...
CVE-2024-29301
The CVE-2024-29301 affects SourceCodester PHP Task Management System 1.0. The vulnerability is an SQL Injection in update-admin.php?admin_id=, caused by unsanitized input to the admin_id parameter in the update-admin flow. Multiple connected sources confirm the issue and even provide an exploit e...
CVE-2024-28613
CVE-2024-28613 describes an SQL Injection vulnerability in PHP Task Management System v1.0. The flaw allows a remote attacker to escalate privileges and access sensitive information through the task_id parameter used by task-details.php and edit-task.php. Public references in the initial and conn...
CVE-2024-29302
CVE-2024-29302 affects SourceCodester PHP Task Management System 1.0, vulnerable to SQL Injection via update-employee.php. Technical details in PacketStorm show exploitation through unsafely constructed SQL using admin_id from GET and posted data, enabling potentially unauthorized access or data ...
CVE-2024-3222
CVE-2024-3222 affects SourceCodester PHP Task Management System 1.0, specifically the admin-password-change.php path. The root cause is improper handling of the admin_id parameter, enabling SQL injection. The vulnerability is described as exploitable remotely, with public disclosure of the exploi...
CVE-2024-28556
SourceCodester PHP Task Management System v1.0 is vulnerable to SQL Injection through a crafted payload to admin-manage-user.php, allowing remote code execution, privilege escalation, and access to sensitive data. The CVE is rated CVSS v3.1 base score 9.8 (CRITICAL) with network attack vector, no...
CVE-2024-28557
CVE-2024-28557 affects Sourcecodester PHP Task Management System v1.0, with a SQL Injection vulnerability in update-admin.php. The underlying cause is improper input handling that allows an attacker to inject SQL through crafted payloads, enabling remote code execution, privilege escalation, and ...