12 matches found
CVE-2024-7666
The CVE-2024-7666 entry describes a SQL injection in SourceCodester Car Driving School Management System 1.0 affecting the file view_package.php, triggered by manipulating the id parameter. This vulnerability can be exploited remotely and has been publicly disclosed. Affected component is unclear...
CVE-2024-7677
CVE-2024-7677 affects SourceCodester Car Driving School Management System 1.0. The vulnerability is in the function update_settings_info of /classes/SystemSettings.php?f=update_settings, where manipulating the contact/address argument triggers cross-site scripting. It can be exploited remotely, a...
CVE-2024-7665
CVE-2024-7665 affects SourceCodester Car Driving School Management System 1.0, with a SQL injection in the manage_package.php file caused by manipulation of the id parameter. The vulnerability can be exploited remotely and the exploit has been disclosed publicly. Affected component/filename: mana...
CVE-2024-7678
CVE-2024-7678 pertains to SourceCodester Car Driving School Management System 1.0. A cross-site scripting vulnerability resides in the public function at /classes/Master.php?f=save_package, triggered by manipulating the name/description/training_duration parameters. The issue is exploitable remot...
CVE-2024-7664
CVE-2024-7664 affects SourceCodester Car Driving School Management System 1.0. The vulnerability is an SQL injection in an unknown function within view_details.php triggered by manipulating the id parameter, allowing remote exploitation. Multiple sources confirm the issue and public disclosure of...
CVE-2024-7662
The CVE-2024-7662 entry concerns SourceCodester Car Driving School Management System 1.0. The vulnerability affects the admin/packages/manag_package.php function save_package and allows cross-site request forgery (CSRF) with remote initiation. Public exploit information is noted in the initial da...
CVE-2024-7676
CVE-2024-7676 affects Sourcecodester Car Driving School Management System 1.0. The vulnerability is a SQL injection in the function save_package (file /classes/Master.php?f=save_package) caused by manipulating the argument id. It can be triggered remotely and has been publicly disclosed. Multiple...
CVE-2024-7661
The CVE-2024-7661 entry affects SourceCodester Car Driving School Management System 1.0, specifically the save_users function in admin/user/index.php. The vulnerability is cross‑site request forgery that can be triggered remotely, and public disclosures exist. Connected sources describe the issue...
CVE-2024-7668
CVE-2024-7668 affects SourceCodester Car Driving School Management System 1.0, specifically the delete_package function in Master.php. The vulnerability is an SQL injection caused by unsafely handling the id parameter, allowing remote exploitation. Public disclosures exist, and multiple sources c...
CVE-2024-7667
CVE-2024-7667 affects SourceCodester Car Driving School Management System 1.0, specifically the delete_users function in User.php. The vulnerability arises from improper handling of the id argument, enabling SQL injection. Exploitation can be performed remotely, and public disclosures exist. Conn...
CVE-2024-7669
CVE-2024-7669 affects SourceCodester Car Driving School Management System 1.0, specifically the delete_enrollment function in Master.php. The vulnerability is an SQL injection caused by unsafely handling the id parameter, enabling remote exploitation. Multiple sources confirm the attacker can tri...
CVE-2024-7663
CVE-2024-7663 affects SourceCodester Car Driving School Management System 1.0, specifically the manage_user.php file. The issue is an SQL injection caused by unsafely manipulating the id parameter, exploitable via network remotely. The vulnerability has public disclosure, and multiple sources cor...