2 matches found
CVE-2023-2973
CVE-2023-2973 affects SourceCodester Students Online Internship Timesheet System 1.0. Affected component: /ajax.php?action=save_company; root cause is manipulation of the name parameter that enables cross-site scripting (stored/reflected-style demonstrated input: ). The vulnerability allows remot...
CVE-2023-2955
The CVE-2023-2955 entry concerns SourceCodester Students Online Internship Timesheet System 1.0. Affected is the GET Parameter Handler in rendered_report.php, where manipulating the sid argument causes an SQL injection. This allows remote exploitation; multiple sources note the exploit has been p...