CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30077
https://notcve.org/view.php?id=CVE-2023-30077
Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/review_result.php?mainevent_id=, mainevent_id. • https://github.com/Dzero57/cve_report/blob/main/judging-management-system/SQLi-1.md https://www.github.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30203
https://notcve.org/view.php?id=CVE-2023-30203
Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event_id parameter at /php-jms/result_sheet.php. • https://github.com/debug601/bug_report/blob/main/vendors/oretnom23/judging-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30204
https://notcve.org/view.php?id=CVE-2023-30204
Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the judge_id parameter at /php-jms/edit_judge.php. • https://github.com/debug601/bug_report/blob/main/vendors/oretnom23/judging-management-system/SQLi-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30076
https://notcve.org/view.php?id=CVE-2023-30076
Sourcecodester Judging Management System v1.0 is vulnerable to SQL Injection via /php-jms/print_judges.php?print_judges.php=&se_name=&sub_event_id=. • https://github.com/Dzero57/cve_report/blob/main/judging-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2108 – SourceCodester Judging Management System edit_contestant.php sql injection
https://notcve.org/view.php?id=CVE-2023-2108
A vulnerability has been found in SourceCodester Judging Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file edit_contestant.php. The manipulation of the argument contestant_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/hackerzyq/mycve/blob/main/vendors/oretnom23/judging-management-system/SQLi-1.md https://vuldb.com/?ctiid.226147 https://vuldb.com/?id.226147 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •