3 matches found
CVE-2021-44653
Online Magazine Management System 1.0 is vulnerable to a SQL injection in the login form that bypasses authentication, enabling an attacker to gain admin access. The root cause is a SQL injection in the login workflow, as described across multiple sources. Impact: admin-level access to the applic...
CVE-2025-13263
SourceCodester Online Magazine Management System 1.0 contains a SQL injection in /categories.php via the c parameter. The issue is remote and publicly exploitable, with PoC-style exploit references present in the CVE metadata. The vulnerability affects unknown functionality in categories.php, and...
CVE-2025-13264
CVE-2025-13264 affects SourceCodester Online Magazine Management System 1.0, specifically the /view_magazine.php file. The vulnerability arises from manipulating the ID parameter, causing SQL injection. Remote exploitation is possible, and public PoCs exist. Multiple sources confirm the issue and...