CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3657 – SourceCodester AC Repair and Services System HTTP POST Request sql injection
https://notcve.org/view.php?id=CVE-2023-3657
A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0. This issue affects some unknown processing of the file Master.php?f=save_book of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://vuldb.com/?ctiid.234011 https://vuldb.com/?id.234011 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31704
https://notcve.org/view.php?id=CVE-2023-31704
Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control, which allows remote attackers to elevate privileges to the administrator's role. • https://github.com/d34dun1c02n/CVE-2023-31704 https://www.sourcecodester.com/php/16397/online-computer-and-laptop-store-using-php-and-mysql-source-code-free-download.html • CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3644 – SourceCodester Service Provider Management System sql injection
https://notcve.org/view.php?id=CVE-2023-3644
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_inquiry. The manipulation of the argument id leads to sql injection. • https://vuldb.com/?ctiid.233890 https://vuldb.com/?id.233890 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3619 – SourceCodester AC Repair and Services System HTTP POST Request sql injection
https://notcve.org/view.php?id=CVE-2023-3619
A vulnerability was found in SourceCodester AC Repair and Services System 1.0 and classified as critical. This issue affects some unknown processing of the file Master.php?f=save_service of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://vuldb.com/?ctiid.233573 https://vuldb.com/?id.233573 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2023-33592 – Lost and Found Information System v1.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2023-33592
Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via the component /php-lfis/admin/?page=system_info/contact_information. Lost and Found Information System version 1.0 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/51570 https://github.com/FuckingHack3r/CVE-2023-33592 https://github.com/ChineseOldboy/CVE-2023-33592 http://packetstormsecurity.com/files/173331/Lost-And-Found-Information-System-1.0-SQL-Injection.html https://github.com/DARSHANAGUPTA10/CVE/blob/main/CVE-2023-33592 https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •