CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1556 – SourceCodester Judging Management System summary_results.php sql injection
https://notcve.org/view.php?id=CVE-2023-1556
A vulnerability was found in SourceCodester Judging Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file summary_results.php. The manipulation of the argument main_event_id leads to sql injection. The attack can be launched remotely. • https://github.com/debug601/bug_report/blob/main/vendors/oretnom23/judging-management-system/SQLi-1.md https://vuldb.com/?ctiid.223549 https://vuldb.com/?id.223549 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24643
https://notcve.org/view.php?id=CVE-2023-24643
Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateBlankTxtview.php. • https://github.com/594238758/mycve/blob/main/judging-management-system/SQLi-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24642
https://notcve.org/view.php?id=CVE-2023-24642
Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateTxtview.php. • https://github.com/594238758/mycve/blob/main/judging-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24641
https://notcve.org/view.php?id=CVE-2023-24641
Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateview.php. • https://github.com/594238758/mycve/blob/main/judging-management-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24317
https://notcve.org/view.php?id=CVE-2023-24317
Judging Management System 1.0 was discovered to contain an arbitrary file upload vulnerability via the component edit_organizer.php. • https://github.com/angelopioamirante/CVE-2023-24317 http://judging.com http://sourcecodester.com https://packetstormsecurity.com/files/170205/Judging-Management-System-1.0-Shell-Upload.html • CWE-434: Unrestricted Upload of File with Dangerous Type •