3 matches found
CVE-2024-50766
CVE-2024-50766 affects SourceCodester Survey Application System 1.0. The flaw is a SQL Injection in takeSurvey.php via the id parameter, allowing unauthenticated network-accessible exploitation with high impact (C/H, I/H, A/H) per CVSS 3.1: 9.8. Documented by Red Hat, NVD, CIRCL and others; PT-Se...
CVE-2025-12929
SourceCodester Survey Application System 1.0 contains a SQL injection flaw in the save_user/update_user function of /LoginRegistration.php. Manipulating the fullname argument can enable remote exploitation; other parameters may also be affected. Exploitation has been published. Remediation guidan...
CVE-2025-13060
CVE-2025-13060 affects SourceCodester Survey Application System 1.0. The issue is a SQL injection in the function handling the parameter ID in the file /view_survey.php. It can be exploited remotely, and multiple sources note that the exploit has been publicly disclosed. The vulnerability’s sever...