Lost And Found Information System Security Vulnerabilities and Issues — Lost And Found Information System CVE List

Lucene search

Oretnom23Lost And Found Information System

6 matches found

CVE•added 2024/03/07 9:15 a.m.•46 views

CVE-2023-33676

Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*" which can be escalated to the remote command execution.

8.4CVSS8.4AI score0.00472EPSS

CVE•added 2024/07/29 7:15 p.m.•40 views

CVE-2024-37859

Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the page parameter to php-lfis/admin/index.php.

6.1CVSS6.8AI score0.00072EPSS

CVE•added 2024/03/06 1:15 a.m.•37 views

CVE-2023-33677

Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*".

7.5CVSS8.1AI score0.00056EPSS

CVE•added 2024/07/29 7:15 p.m.•37 views

CVE-2024-37857

SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via id parameter to php-lfis/admin/categories/view_category.php.

8.8CVSS8AI score0.00395EPSS

CVE•added 2024/07/29 7:15 p.m.•37 views

CVE-2024-37858

SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/manage_category.php.

9.8CVSS8AI score0.00433EPSS

CVE•added 2024/07/29 7:15 p.m.•36 views

CVE-2024-37856

Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the first, last, middle name fields in the User Profile page.

5.4CVSS6.5AI score0.00224EPSS