Lucene search
K
Oretnom23School Fees Payment System

6 matches found

CVE
CVE
added 2024/07/28 5:0 p.m.55 views

CVE-2024-7164

CVE-2024-7164 affects SourceCodester School Fees Payment System v1.0. The vulnerability is an SQL injection in the /ajax.php?action=login endpoint, triggered by manipulating the username parameter. Exploitation is remote and has been publicly disclosed. Data confidentiality, integrity, and availa...

9.8CVSS7.6AI score0.00646EPSS
CVE
CVE
added 2024/07/28 7:0 p.m.55 views

CVE-2024-7168

CVE-2024-7168 affects SourceCodester School Fees Payment System 1.0. The vulnerability is an SQL injection in the /manage_user.php file triggered by manipulating the id parameter, enabling remote access with high impact as described in multiple sources. The exploit has been disclosed publicly. No...

8.8CVSS7.3AI score0.00532EPSS
CVE
CVE
added 2024/07/28 6:0 p.m.50 views

CVE-2024-7166

SourceCodester School Fees Payment System 1.0 contains a SQL injection in /receipt.php via the ef_id parameter. The vulnerability allows remote exploitation and is publicly disclosed. Affected component: the receipt.php handling logic; root cause: improper handling of ef_id leading to injection. ...

8.8CVSS6.9AI score0.00532EPSS
CVE
CVE
added 2024/07/28 5:31 p.m.49 views

CVE-2024-7165

CVE-2024-7165 affects SourceCodester School Fees Payment System 1.0, via SQL injection in the /view_payment.php file caused by manipulating the ef_id parameter. The issue can be exploited remotely and an exploit has been disclosed publicly. Connected sources confirm the vulnerability details and ...

8.8CVSS6.9AI score0.00532EPSS
CVE
CVE
added 2024/07/28 6:31 p.m.46 views

CVE-2024-7167

CVE-2024-7167 affects SourceCodester School Fees Payment System v1.0, with an SQL injection in the /manage_course.php file via the id parameter. The vulnerability is exploitable remotely and is described as critical; exploitation can lead to disclosure, modification, or damage of data due to inje...

8.8CVSS6.8AI score0.00532EPSS
CVE
CVE
added 2024/07/28 7:31 p.m.45 views

CVE-2024-7169

CVE-2024-7169 affects SourceCodester School Fees Payment System 1.0. The vulnerability is a cross-site request forgery in the unknown part of the file /ajax.php that can be triggered remotely. Multiple connected sources confirm the issue and link it to the /ajax.php endpoint, with the exploit dis...

8.8CVSS4.8AI score0.00346EPSS