2 matches found
CVE-2021-46200
Affected software: Sourcecodester Simple Music Clour Community System v1.0. Root cause: SQL Injection via the email parameter in /music/ajax.php due to improper input filtering. Impact: high across confidentiality, integrity, and availability (per CVSS 3.1/9.8). Attack vector: network; no user in...
CVE-2024-11054
CVE-2024-11054 affects SourceCodester Simple Music Cloud Community System 1.0, specifically the endpoint /music/ajax.php?action=signup where the argument/parameter named pp can be manipulated to achieve an unrestricted file upload. The vulnerability is remotely exploitable and was publicly disclo...