CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6471 – SourceCodester Online Tours & Travels Management sms_setting.php sql injection
https://notcve.org/view.php?id=CVE-2024-6471
A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management 1.0. This affects an unknown part of the file sms_setting.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.270279 https://vuldb.com/?ctiid.270279 https://vuldb.com/?submit.367953 https://blog.csdn.net/ENTICE1208/article/details/140141934 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 6CVE-2024-2168 – SourceCodester Online Tours & Travels Management System HTTP POST Request expense_category.php sql injection
https://notcve.org/view.php?id=CVE-2024-2168
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/operations/expense_category.php of the component HTTP POST Request Handler. The manipulation of the argument status leads to sql injection. It is possible to launch the attack remotely. • https://github.com/W01fh4cker/CVE-2024-21683-RCE https://github.com/r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server https://github.com/xh4vm/CVE-2024-21683 https://github.com/phucrio/CVE-2024-21683-RCE https://vuldb.com/?ctiid.255678 https://vuldb.com/?id.255678 https://www.yuque.com/mailemonyeyongjuan/nekc0f/uoobn101h48xv6ih • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •