Lucene search
K
Oretnom23Ac Repair And Services System

16 matches found

CVE
CVE
added 2025/03/23 4:31 p.m.62 views

CVE-2025-2655

SourceCodester AC Repair and Services System 1.0 is affected by CVE-2025-2655. The vulnerability resides in the save_users and delete_users functions in /classes/Users.php, where manipulation of the ID argument yields an SQL injection. The issue allows remote exploitation and, per the public disc...

9.8CVSS7.3AI score0.00547EPSS
Web
CVE
CVE
added 2023/05/11 1:0 p.m.56 views

CVE-2023-2656

CVE-2023-2656 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is a SQL injection in the function/file path /classes/Master.php?f=delete_service, triggered by manipulating the id parameter, allowing remote exploitation. Public exploits exist. Multiple sources corroborat...

9.8CVSS7.4AI score0.00937EPSS
Web
CVE
CVE
added 2025/03/23 4:0 p.m.54 views

CVE-2025-2654

SourceCodester AC Repair and Services System 1.0 contains an SQL injection vulnerability in the admin/services/manage_service.php script, triggered by manipulation of the ID parameter. The issue is exploitable remotely and is considered critical based on the CVE description. The connected sources...

9.8CVSS7.5AI score0.00527EPSS
Web
CVE
CVE
added 2023/07/13 12:0 p.m.50 views

CVE-2023-3661

CVE-2023-3661 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is an SQL injection in an unknown portion of the file /classes/Master.php?f=save_inquiry, triggered by manipulating the id argument. The issue enables remote exploitation and impacts confidentiality, integri...

9.8CVSS8.3AI score0.00465EPSS
Web
CVE
CVE
added 2023/07/13 10:31 a.m.49 views

CVE-2023-3658

CVE-2023-3658 affects SourceCodester AC Repair and Services System 1.0, specifically the HTTP POST Request Handler in Master.php?f=delete_book. The vulnerability arises from unsafely manipulating the id parameter, leading to SQL injection that can be exploited remotely. Reports indicate a critica...

9.8CVSS8.3AI score0.00465EPSS
CVE
CVE
added 2023/07/15 8:0 a.m.49 views

CVE-2023-3678

CVE-2023-3678 affects SourceCodester AC Repair and Services System 1.0. The vulnerability resides in the HTTP POST Request Handler at /classes/Master.php?f=delete_inquiry where the id argument is manipulated to yield an SQL injection. Descriptions consistently state remote exploitation and a crit...

9.8CVSS8.3AI score0.00425EPSS
Web
CVE
CVE
added 2023/04/28 10:31 p.m.47 views

CVE-2023-2408

CVE-2023-2408 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is a SQL injection in the file services/view.php triggered by manipulating the id argument. It can be exploited remotely; public disclosure is noted. Connected sources confirm the issue and provide a CVSS ba...

6.5CVSS6.7AI score0.0063EPSS
Web
CVE
CVE
added 2023/04/28 11:0 p.m.47 views

CVE-2023-2410

CVE-2023-2410 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is an SQL injection in the /admin/bookings/view_booking.php script triggered by manipulating the id parameter, allowing remote exploitation. Evidence across multiple sources confirms the issue, with mentions...

6.5CVSS6.8AI score0.0063EPSS
Web
CVE
CVE
added 2023/04/28 11:0 p.m.47 views

CVE-2023-2411

CVE-2023-2411 affects SourceCodester AC Repair and Services System 1.0. The issue is a SQL injection in the /admin/inquiries/view_inquiry.php endpoint caused by improper handling of the id parameter. This allows remote exploitation and has been publicly disclosed. Affected software is Version 1.0...

6.5CVSS6.8AI score0.0063EPSS
Web
CVE
CVE
added 2023/04/28 11:31 p.m.47 views

CVE-2023-2412

CVE-2023-2412 affects SourceCodester AC Repair and Services System 1.0. Affects the function in /admin/user/manage_user.php where the id parameter is manipulated to cause SQL injection. Exploitation appears possible remotely; public disclosures exist (VDB-227706). No concrete patch/version fix is...

6.5CVSS6.8AI score0.00526EPSS
Web
CVE
CVE
added 2023/04/28 10:31 p.m.46 views

CVE-2023-2409

SourceCodester AC Repair and Services System 1.0 contains a SQL injection flaw in the /admin/services/view_service.php file, exploitable via the id parameter. Attacker can remotely trigger the vulnerability; public disclosures exist (VDB-227703). Public references describe the issue as critical w...

6.5CVSS6.8AI score0.0063EPSS
Web
CVE
CVE
added 2023/07/13 10:0 a.m.46 views

CVE-2023-3657

CVE-2023-3657 affects SourceCodester AC Repair and Services System 1.0. The vulnerability arises in the HTTP POST Request Handler during processing of Master.php?f=save_book, where manipulation of the id parameter leads to an SQL injection. Multiple connected sources corroborate the issue and ide...

9.8CVSS8.3AI score0.00465EPSS
CVE
CVE
added 2023/07/11 3:31 p.m.44 views

CVE-2023-3619

CVE-2023-3619 affects SourceCodester AC Repair and Services System 1.0. The SQL injection arises from manipulating the id parameter in the Master.php?f=save_service handler via HTTP POST, enabling remote exploitation. Several connected sources corroborate the issue and its impact as critical/remo...

9.8CVSS8.3AI score0.00492EPSS
CVE
CVE
added 2023/04/29 12:0 a.m.40 views

CVE-2023-2413

CVE-2023-2413 affects SourceCodester AC Repair and Services System 1.0 . The flaw is in file /admin/bookings/manage_booking.php , where the application directly uses the id parameter in a SQL query, resulting in a SQL injection vulnerability. Reports indicate the issue is exploitable remotely and...

6.5CVSS6.8AI score0.0063EPSS
Web
CVE
CVE
added 2023/09/17 5:0 a.m.40 views

CVE-2023-5021

CVE-2023-5021 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is a cross-site scripting flaw in the admin/?page=system_info/contact_information path, caused by manipulation of the telephone/mobile/address parameters. It can be exploited remotely. The description does n...

6.1CVSS4.5AI score0.00312EPSS
Web
CVE
CVE
added 2023/07/13 11:0 a.m.39 views

CVE-2023-3659

CVE-2023-3659 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is a cross-site scripting (XSS) issue in the admin/?page=user/manage_user endpoint, triggered by manipulating the firstname/middlename parameters. Documents consistently describe remote-access capable XSS vi...

6.1CVSS4.8AI score0.00339EPSS
Web