CVE-2024-1828 – code-projects Library System registration.php sql injection
https://notcve.org/view.php?id=CVE-2024-1828
A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. Affected is an unknown function of the file Source/librarian/user/teacher/registration.php. The manipulation of the argument email/idno/phone/username leads to sql injection. It is possible to launch the attack remotely. • https://github.com/jxp98/VulResearch/blob/main/2024/02/3.3Library%20System%20In%20PHP%20-%20SQL%20Injection-teacher_reg.md https://vuldb.com/?ctiid.254616 https://vuldb.com/?id.254616 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-1827 – code-projects Library System login.php sql injection
https://notcve.org/view.php?id=CVE-2024-1827
A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file Source/librarian/user/teacher/login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jxp98/VulResearch/blob/main/2024/02/3.2Library%20System%20In%20PHP%20-%20SQL%20Injection-teacher_login.md https://vuldb.com/?ctiid.254615 https://vuldb.com/?id.254615 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-1826 – code-projects Library System login.php sql injection
https://notcve.org/view.php?id=CVE-2024-1826
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file Source/librarian/user/student/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jxp98/VulResearch/blob/main/2024/02/3Library%20System%20In%20PHP%20-%20SQL%20Injection-student_login.md https://vuldb.com/?ctiid.254614 https://vuldb.com/?id.254614 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-1821 – code-projects Crime Reporting System police_add.php sql injection
https://notcve.org/view.php?id=CVE-2024-1821
A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file police_add.php. The manipulation of the argument police_name/police_id/police_spec/password leads to sql injection. The exploit has been disclosed to the public and may be used. • https://github.com/jxp98/VulResearch/blob/main/2024/02/2Crime%20Reporting%20System%20-%20SQL%20Injection-police_add.md https://vuldb.com/?ctiid.254609 https://vuldb.com/?id.254609 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-1820 – code-projects Crime Reporting System inchargelogin.php sql injection
https://notcve.org/view.php?id=CVE-2024-1820
A vulnerability was found in code-projects Crime Reporting System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file inchargelogin.php. The manipulation of the argument email/password leads to sql injection. The attack can be initiated remotely. • https://github.com/jxp98/VulResearch/blob/main/2024/02/1Crime%20Reporting%20System%20-%20SQL%20Injection.md https://vuldb.com/?ctiid.254608 https://vuldb.com/?id.254608 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •