5 matches found
CVE-2024-3463
CVE-2024-3463 affects SourceCodester Laundry Management System v1.0, with a cross-site scripting flaw in the /karyawan/edit endpoint triggered by manipulating the karyawan parameter. The issue can be exploited remotely and has public exploitation details (VDB-259744). Connected sources corroborat...
CVE-2024-3465
CVE-2024-3465 affects SourceCodester Laundry Management System 1.0. The vulnerable component is the laporan_filter function in /application/controller/Transaki.php, where manipulating the dari/sampai parameters leads to an SQL injection. The vulnerability can be exploited remotely, and the exploi...
CVE-2024-3466
CVE-2024-3466 affects SourceCodester Laundry Management System 1.0, specifically the function laporan_filter in /application/controller/Pengeluaran.php. The root cause is input manipulation of the dari/sampai parameter leading to SQL injection. Impact is high: potential unauthorized data access o...
CVE-2024-3445
CVE-2024-3445 affects SourceCodester Laundry Management System 1.0, with SQL injection in the /karyawan/laporan_filter file caused by manipulating the data_karyawan parameter. The vulnerability is exploitable remotely, and public disclosure is noted. Connected sources corroborate SQLi in data_kar...
CVE-2024-3464
SourceCodester Laundry Management System 1.0 contains a SQL injection in the laporan_filter function (file /application/controller/Pelanggan.php) via the jeniskelamin parameter. This allows remote exploitation with impact on confidentiality, integrity, and availability (CVE-2024-3464). Exploitati...