16 matches found
CVE-2025-2655
SourceCodester AC Repair and Services System 1.0 is affected by CVE-2025-2655. The vulnerability resides in the save_users and delete_users functions in /classes/Users.php, where manipulation of the ID argument yields an SQL injection. The issue allows remote exploitation and, per the public disc...
CVE-2023-2656
CVE-2023-2656 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is a SQL injection in the function/file path /classes/Master.php?f=delete_service, triggered by manipulating the id parameter, allowing remote exploitation. Public exploits exist. Multiple sources corroborat...
CVE-2025-2654
SourceCodester AC Repair and Services System 1.0 contains an SQL injection vulnerability in the admin/services/manage_service.php script, triggered by manipulation of the ID parameter. The issue is exploitable remotely and is considered critical based on the CVE description. The connected sources...
CVE-2023-3661
CVE-2023-3661 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is an SQL injection in an unknown portion of the file /classes/Master.php?f=save_inquiry, triggered by manipulating the id argument. The issue enables remote exploitation and impacts confidentiality, integri...
CVE-2023-3658
CVE-2023-3658 affects SourceCodester AC Repair and Services System 1.0, specifically the HTTP POST Request Handler in Master.php?f=delete_book. The vulnerability arises from unsafely manipulating the id parameter, leading to SQL injection that can be exploited remotely. Reports indicate a critica...
CVE-2023-3678
CVE-2023-3678 affects SourceCodester AC Repair and Services System 1.0. The vulnerability resides in the HTTP POST Request Handler at /classes/Master.php?f=delete_inquiry where the id argument is manipulated to yield an SQL injection. Descriptions consistently state remote exploitation and a crit...
CVE-2023-2408
CVE-2023-2408 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is a SQL injection in the file services/view.php triggered by manipulating the id argument. It can be exploited remotely; public disclosure is noted. Connected sources confirm the issue and provide a CVSS ba...
CVE-2023-2410
CVE-2023-2410 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is an SQL injection in the /admin/bookings/view_booking.php script triggered by manipulating the id parameter, allowing remote exploitation. Evidence across multiple sources confirms the issue, with mentions...
CVE-2023-2411
CVE-2023-2411 affects SourceCodester AC Repair and Services System 1.0. The issue is a SQL injection in the /admin/inquiries/view_inquiry.php endpoint caused by improper handling of the id parameter. This allows remote exploitation and has been publicly disclosed. Affected software is Version 1.0...
CVE-2023-2412
CVE-2023-2412 affects SourceCodester AC Repair and Services System 1.0. Affects the function in /admin/user/manage_user.php where the id parameter is manipulated to cause SQL injection. Exploitation appears possible remotely; public disclosures exist (VDB-227706). No concrete patch/version fix is...
CVE-2023-2409
SourceCodester AC Repair and Services System 1.0 contains a SQL injection flaw in the /admin/services/view_service.php file, exploitable via the id parameter. Attacker can remotely trigger the vulnerability; public disclosures exist (VDB-227703). Public references describe the issue as critical w...
CVE-2023-3657
CVE-2023-3657 affects SourceCodester AC Repair and Services System 1.0. The vulnerability arises in the HTTP POST Request Handler during processing of Master.php?f=save_book, where manipulation of the id parameter leads to an SQL injection. Multiple connected sources corroborate the issue and ide...
CVE-2023-3619
CVE-2023-3619 affects SourceCodester AC Repair and Services System 1.0. The SQL injection arises from manipulating the id parameter in the Master.php?f=save_service handler via HTTP POST, enabling remote exploitation. Several connected sources corroborate the issue and its impact as critical/remo...
CVE-2023-2413
CVE-2023-2413 affects SourceCodester AC Repair and Services System 1.0 . The flaw is in file /admin/bookings/manage_booking.php , where the application directly uses the id parameter in a SQL query, resulting in a SQL injection vulnerability. Reports indicate the issue is exploitable remotely and...
CVE-2023-5021
CVE-2023-5021 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is a cross-site scripting flaw in the admin/?page=system_info/contact_information path, caused by manipulation of the telephone/mobile/address parameters. It can be exploited remotely. The description does n...
CVE-2023-3659
CVE-2023-3659 affects SourceCodester AC Repair and Services System 1.0. The vulnerability is a cross-site scripting (XSS) issue in the admin/?page=user/manage_user endpoint, triggered by manipulating the firstname/middlename parameters. Documents consistently describe remote-access capable XSS vi...