CVE-2024-6114 – itsourcecode Monbela Tourist Inn Online Reservation System controller.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-6114
A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online Reservation System up to 1.0. Affected is an unknown function of the file controller.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wangyuan-ui/CVE/issues/4 https://vuldb.com/?ctiid.268866 https://vuldb.com/?id.268866 https://vuldb.com/?submit.358995 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-6112 – itsourcecode Pool of Bethesda Online Reservation System index.php sql injection
https://notcve.org/view.php?id=CVE-2024-6112
A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument log_email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wangyuan-ui/CVE/issues/2 https://vuldb.com/?ctiid.268858 https://vuldb.com/?id.268858 https://vuldb.com/?submit.358990 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-6111 – itsourcecode Pool of Bethesda Online Reservation System login.php sql injection
https://notcve.org/view.php?id=CVE-2024-6111
A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/wangyuan-ui/CVE/issues/1 https://vuldb.com/?ctiid.268857 https://vuldb.com/?id.268857 https://vuldb.com/?submit.358988 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-6110 – itsourcecode Magbanua Beach Resort Online Reservation System controller.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-6110
A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file controller.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. • https://github.com/Laster-dev/CVE/issues/1 https://vuldb.com/?ctiid.268856 https://vuldb.com/?id.268856 https://vuldb.com/?submit.358592 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-6109 – itsourcecode Tailoring Management System addmeasurement.php sql injection
https://notcve.org/view.php?id=CVE-2024-6109
A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file addmeasurement.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. • https://github.com/PHJ-doit/cve/issues/1 https://vuldb.com/?ctiid.268855 https://vuldb.com/?id.268855 https://vuldb.com/?submit.358590 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •