8 matches found
CVE-2024-7360
CVE-2024-7360 affects SourceCodester Tracking Monitoring Management System 1.0, with CSRF in the /ajax.php file. Reports indicate the issue can be triggered remotely and that an exploit has been disclosed. The vulnerability impacts unknown functionality within /ajax.php and there is no confirmed ...
CVE-2024-7362
Summary: CVE-2024-7362 affects SourceCodester Tracking Monitoring Management System 1.0. The vulnerability is a SQL injection in the id parameter of /manage_user.php, exploitable remotely and disclosed publicly. The NVD entry lists a high-severity CRITICAL impact (CVSSv3.1: 9.8) with attacker net...
CVE-2024-7365
CVE-2024-7365 affects SourceCodester Tracking Monitoring Management System 1.0. The known vulnerability arises from SQL injection in the /manage_establishment.php file via the id parameter; exploitation can be remote and the exploit has been publicly disclosed. Multiple sources corroborate the is...
CVE-2024-7361
CVE-2024-7361 affects SourceCodester Tracking Monitoring Management System 1.0. the vulnerability is an SQL injection in the endpoint /ajax.php?action=save_establishment, caused by manipulation of the id parameter. It is exploitable remotely and has been publicly disclosed. Multiple sources corro...
CVE-2024-7364
CVE-2024-7364 affects SourceCodester Tracking Monitoring Management System 1.0. The vulnerability is a SQL injection in the /manage_records.php file triggered by manipulating the id parameter, with remote exploitation. Multiple connected sources confirm this same issue and note the exploit has be...
CVE-2024-7363
CVE-2024-7363 affects SourceCodester Tracking Monitoring Management System 1.0. The vulnerability is an SQL injection in the /manage_person.php file caused by manipulation of the id parameter. It can be exploited remotely; exploits have been disclosed publicly. The connected documents do not prov...
CVE-2024-7366
The CVE-2024-7366 vulnerability affects SourceCodester Tracking Monitoring Management System 1.0, specifically the Login component (file /ajax.php?action=login). The issue arises from unsafely handling the username parameter, leading to an SQL injection. It is exploitable remotely and the exploit...
CVE-2024-7359
CVE-2024-7359 affects SourceCodester Tracking Monitoring Management System v1.0. Affected component: /ajax.php?action=save_establishment. Root cause: manipulation of the name parameter enables cross-site scripting (XSS). Exploitability: attack may be launched remotely, with publicly disclosed exp...