7 matches found
CVE-2025-3315
The CVE-2025-3315 entry concerns SourceCodester Apartment Visitor Management System v1.0. Affected component: /view-report.php; root cause: improper handling of fromdate/todate parameters enables SQL injection. Impact is described as critical with potential remote exploitation and publicly disclo...
CVE-2025-3143
The CVE-2025-3143 entry concerns SourceCodester Apartment Visitor Management System 1.0. Affected is an unknown function in /visitor-entry.php where manipulating the visname/address parameter leads to SQL injection. The vulnerability can be exploited remotely and multiple parameters may be affect...
CVE-2025-3314
CVE-2025-3314 affects SourceCodester Apartment Visitor Management System 1.0. The vulnerability lies in the /forgotpw.php handler, where the query parameter “secode” is improperly processed, leading to SQL injection. This enables remote attackers to influence the database without authentication. ...
CVE-2025-3142
The CVE-2025-3142 issue affects SourceCodester Apartment Visitor Management System 1.0, where the buildingno parameter in /add-apartment.php enables SQL injection due to input handling flaws. The vulnerability can be exploited remotely and affects multiple parameters, with exploitation disclosed ...
CVE-2025-3045
The CVE-2025-3045 entry affects oretnom23/SourceCodester Apartment Visitor Management System v1.0. Affected is an unknown function in /remove-apartment.php; manipulating the ID parameter triggers SQL injection. Attacks can be launched remotely, and public disclosures exist. Connected sources corr...
CVE-2025-4481
The CVE-2025-4481 entry concerns SourceCodester Apartment Visitor Management System 1.0. A vulnerability exists in the file /search-result.php where the manipulation of the searchdata parameter leads to SQL injection. A remote attacker could exploit this, and multiple sources label the issue as c...
CVE-2025-4937
CVE-2025-4937 affects SourceCodester Apartment Visitor Management System 1.0. A vulnerability in the file /profile.php—via the mobilenumber parameter—allows SQL injection. The issue is exploitable remotely, and the exploit has been disclosed publicly. Other parameters may also be affected. The av...