CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-40498
https://notcve.org/view.php?id=CVE-2024-40498
05 Aug 2024 — SQL Injection vulnerability in PuneethReddyHC Online Shopping sysstem advanced v.1.0 allows an attacker to execute arbitrary code via the register.php • https://github.com/Dirac231/CVE-2024-40498 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28322
https://notcve.org/view.php?id=CVE-2024-28322
26 Apr 2024 — SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC Event Management 1.0 allows attackers to run arbitrary SQL commands via the event_id parameter in a crafted POST request. Vulnerabilidad de inyección SQL en /event-management-master/backend/register.php en PuneethReddyHC Event Management 1.0 permite a atacantes ejecutar comandos SQL arbitrarios a través del parámetro event_id en una solicitud POST manipulada. • https://github.com/Sospiro014/zday1/blob/main/event-managment.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3433 – PuneethReddyHC Event Management register.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-3433
07 Apr 2024 — A vulnerability classified as problematic has been found in PuneethReddyHC Event Management 1.0. Affected is an unknown function of the file /backend/register.php. The manipulation of the argument event_id/full_name/email/mobile/college/branch leads to cross site scripting. It is possible to launch the attack remotely. VDB-259614 is the identifier assigned to this vulnerability. • https://packetstormsecurity.com/files/177841/Event-Management-1.0-SQL-Injection.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3432 – PuneethReddyHC Event Management register.php sql injection
https://notcve.org/view.php?id=CVE-2024-3432
07 Apr 2024 — A vulnerability was found in PuneethReddyHC Event Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /backend/register.php. The manipulation of the argument event_id/full_name/email/mobile/college/branch leads to sql injection. The attack may be initiated remotely. • https://packetstormsecurity.com/files/177841/Event-Management-1.0-SQL-Injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-43110
https://notcve.org/view.php?id=CVE-2021-43110
29 Mar 2022 — An Access Conrol vulnerability exists in PuneethReddyHC online-shopping-system as of 11/01/2021 in add_products. se presenta una vulnerabilidad de control de acceso en PuneethReddyHC online-shopping-system a partir del 11/01/2021 en add_products • https://github.com/PuneethReddyHC/online-shopping-system/issues/17 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-43109
https://notcve.org/view.php?id=CVE-2021-43109
29 Mar 2022 — An SQL Injection vulnerability exits in PuneethReddyHC online-shopping-system as of 11/01/2021 via the p parameter in product.php. Se presenta una vulnerabilidad de inyección SQL en PuneethReddyHC online-shopping-system a partir del 11/01/2021 por medio del parámetro p en el archivo product.php • https://github.com/PuneethReddyHC/online-shopping-system/issues/17 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •