Lucene search
K
Oretnom23Event Registration System

7 matches found

CVE
CVE
added 2024/05/20 6:31 a.m.65 views

CVE-2024-5121

SourceCodester Event Registration System 1.0 contains a cross-site scripting vulnerability in the /registrar/?page=registration endpoint, caused by unsafe handling of the e parameter. The vulnerability is exploitable remotely and has been publicly disclosed. Several sources confirm the issue, inc...

6.1CVSS6.2AI score0.00428EPSS
Web
CVE
CVE
added 2024/05/20 5:0 a.m.64 views

CVE-2024-5118

CVE-2024-5118 affects SourceCodester Event Registration System 1.0. The vulnerability is in the /admin/login.php login logic where manipulating the username and password parameters leads to an SQL injection. It is described as remote, with public exposure (exploit disclosed). Multiple connected s...

9.8CVSS7.5AI score0.00746EPSS
Web
CVE
CVE
added 2024/05/20 5:31 a.m.61 views

CVE-2024-5119

SourceCodester Event Registration System 1.0 contains a SQL injection in /classes/Master.php?f=load_registration where the last_id/event_id parameter is manipulated. The issue is triggered by unsafely handling user input, allowing remote exploitation; multiple sources (NVD and CVE listings) confi...

9.8CVSS7.3AI score0.00579EPSS
Web
CVE
CVE
added 2024/05/20 7:31 a.m.61 views

CVE-2024-5123

The CVE-2024-5123 entry concerns SourceCodester Event Registration System 1.0. A vulnerability in the /registrar/ area is triggered by manipulating the searchbar argument, resulting in cross-site scripting (XSS). The issue is exploitable remotely, and public disclosure exists (VDB-265203). Severa...

6.9CVSS6.2AI score0.00608EPSS
Web
CVE
CVE
added 2024/05/20 4:31 a.m.60 views

CVE-2024-5117

CVE-2024-5117 affects SourceCodester Event Registration System 1.0, with an SQL Injection in portal.php triggered by manipulating username/password. Root cause: unsanitized input in portal.php allows remote attacker to exploit SQL queries. Impact: high (C, I, A implications in CVSS), potential re...

9.8CVSS7.3AI score0.00682EPSS
Web
CVE
CVE
added 2024/05/20 6:0 a.m.56 views

CVE-2024-5120

CVE-2024-5120 affects SourceCodester Event Registration System 1.0. The vulnerability is an SQL injection in the file /registrar/?page=registration via the e parameter. It can be exploited remotely, and public disclosures exist. Connected sources corroborate an unknown function in the endpoint as...

9.8CVSS7.3AI score0.00579EPSS
Web
CVE
CVE
added 2024/05/20 7:0 a.m.56 views

CVE-2024-5122

The CVE-2024-5122 entry concerns SourceCodester Event Registration System 1.0 where the /registrar/ endpoint’s search parameter is susceptible to SQL injection. The root cause is a manipulated search argument leading to SQL injection, allowing remote exploitation (attack vector: network; no user ...

9.8CVSS7.3AI score0.00707EPSS
Web