7 results (0.010 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability classified as critical was found in SourceCodester School Dormitory Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Admin Login. The manipulation leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-216775. • https://vuldb.com/?ctiid.216775 https://vuldb.com/?id.216775 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125 School Dormitory Management System versión v1.0, es vulnerable a un ataque de tipo cross-site scripting (XSS) reflejado por medio de admin/inc/navigation.php:125 • https://github.com/bigzooooz/CVE-2022-30513 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/view_details.php:4. School Dormitory Management System versión 1.0, es vulnerable a una Inyección SQL por medio de accounts/view_details.php:4 • https://github.com/bigzooooz/CVE-2022-30511 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:126. School Dormitory Management System versión v1.0, es vulnerable al cross-site scripting (XSS) reflejado por medio de admin/inc/navigation.php:126 • https://github.com/bigzooooz/CVE-2022-30514 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 15%CPEs: 1EXPL: 1

School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.php:31. School Dormitory Management System versión 1.0, es vulnerable a una Inyección SQL por medio de accounts/payment_history.php:31 • https://github.com/bigzooooz/CVE-2022-30512 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •