Page 22 of 118 results (0.001 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file change_profile_picture.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/L1OudFd8cl09/CVE/issues/1 https://vuldb.com/?ctiid.266589 https://vuldb.com/?id.266589 https://vuldb.com/?submit.346309 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file changepwd.php. The manipulation of the argument useremail leads to sql injection. The attack may be launched remotely. • https://github.com/ppp-src/ha/issues/4 https://vuldb.com/?ctiid.266588 https://vuldb.com/?id.266588 https://vuldb.com/?submit.346225 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file massage.php. The manipulation of the argument bid leads to sql injection. The attack can be launched remotely. • https://github.com/ppp-src/ha/issues/3 https://vuldb.com/?ctiid.266587 https://vuldb.com/?id.266587 https://vuldb.com/?submit.346223 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical was found in itsourcecode Online Student Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of the file instructorSubjects.php. The manipulation of the argument instructorId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Lanxiy7th/lx_CVE_report-/issues/10 https://vuldb.com/?ctiid.266311 https://vuldb.com/?id.266311 https://vuldb.com/?submit.344700 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in itsourcecode Online Student Enrollment System 1.0. Affected is an unknown function of the file newfaculty.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Lanxiy7th/lx_CVE_report-/issues/9 https://vuldb.com/?ctiid.266310 https://vuldb.com/?id.266310 https://vuldb.com/?submit.344699 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •