Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save...
9.8 CVSS
9.4 AI Score
0.003 EPSS
Sourcecodester Packers and Movers Management System v1.0 is vulnerable to SQL Injection via...
9.8 CVSS
9.8 AI Score
0.001 EPSS
In Simple Online Book Store System 1.0 in /admin_book.php the Title, Author, and Description parameters are vulnerable to Cross Site...
5.4 CVSS
5.5 AI Score
0.001 EPSS
Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. The Admin panel authentication can be bypassed due to a SQL injection vulnerability in the login form, allowing an attacker to gain access as admin to the...
9.8 CVSS
9.9 AI Score
0.017 EPSS
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...
9.8 CVSS
9.7 AI Score
0.001 EPSS
Multiple SQL injection vulnerabilities were found in Simple Forum-Discussion System 1.0, for example in three files: manage_topic.php, manage_user.php, and ajax.php. An attacker can retrieve all information from the database of this system by using this...
9.8 CVSS
9.8 AI Score
0.002 EPSS
Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in...
9.8 CVSS
9.1 AI Score
0.002 EPSS
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...
9.8 CVSS
9.7 AI Score
0.001 EPSS
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...
9.8 CVSS
9.7 AI Score
0.001 EPSS
Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_winner.php via the ticket_id and draw...
9.8 CVSS
9.9 AI Score
0.001 EPSS
Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control, which allows remote attackers to elevate privileges to the administrator's...
9.8 CVSS
9.4 AI Score
0.002 EPSS
Sourcecodester Online Computer and Laptop Store 1.0 allows unrestricted file upload and can lead to remote code execution. The vulnerability path is...
9.8 CVSS
9.7 AI Score
0.006 EPSS
Sourcecodester Service Provider Management System v1.0 is vulnerable to SQL Injection via the ID parameter in...
9.8 CVSS
9.7 AI Score
0.003 EPSS
A cross-site scripting (XSS) vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text...
5.4 CVSS
5.3 AI Score
0.001 EPSS
Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add...
5.4 CVSS
5.3 AI Score
0.0004 EPSS
Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at...
9.8 CVSS
9.7 AI Score
0.002 EPSS
An issue in Service Provider Management System v.1.0 allows a remote attacker to gain privileges via the ID parameter in the /php-spms/admin/?page=user/...
9.8 CVSS
9.4 AI Score
0.001 EPSS
Cross Site Scripting vulnerability in Service Provider Management System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the firstname, middlename and lastname parameters in the /php-spms/admin/?page=user...
5.4 CVSS
5.8 AI Score
0.001 EPSS
Cross Site Scripting (XSS) vulnerability in Sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User...
6.1 CVSS
6 AI Score
0.001 EPSS
Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via the component...
9.8 CVSS
9.8 AI Score
0.001 EPSS
A vulnerability, which was classified as problematic, has been found in oretnom23 Fast Food Ordering System. This issue affects some unknown processing of the file admin/?page=reports. The manipulation of the argument date leads to cross site scripting. The attack may be initiated remotely. The...
6.1 CVSS
6 AI Score
0.001 EPSS
A vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to SQL injection. The attack may be launched remotely. The...
8.8 CVSS
8.8 AI Score
0.001 EPSS
A vulnerability, which was classified as problematic, was found in oretnom23 Fast Food Ordering System. This affects an unknown part of the component Menu List Page. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack remotely. The...
5.4 CVSS
5.2 AI Score
0.001 EPSS