CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0500 – SourceCodester House Rental Management System Manage Tenant Details cross site scripting
https://notcve.org/view.php?id=CVE-2024-0500
A vulnerability, which was classified as problematic, was found in SourceCodester House Rental Management System 1.0. Affected is an unknown function of the component Manage Tenant Details. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://drive.google.com/file/d/1z30nTAfoX58NqwIMXyHb3LB6Pv2bEm5v/view?usp=sharing https://vuldb.com/?ctiid.250608 https://vuldb.com/?id.250608 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0499 – SourceCodester House Rental Management System index.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-0499
A vulnerability, which was classified as problematic, has been found in SourceCodester House Rental Management System 1.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://drive.google.com/file/d/1DTGd_IWdS_tMOQN0Pt1-MeZ4Yv3tXiRt/view?usp=sharing https://vuldb.com/?ctiid.250607 https://vuldb.com/?id.250607 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30016
https://notcve.org/view.php?id=CVE-2023-30016
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_details_edit.php. Vulnerabilidad de inyección SQL en oretnom23 Judging Management System v1.0, permite a atacantes remotos ejecutar código arbitrario y obtener información confidencial a través del parámetro sub_event_id en sub_event_details_edit.php. • https://github.com/Pings1031/cve_report/blob/main/judging-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30014
https://notcve.org/view.php?id=CVE-2023-30014
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_stat_update.php. Vulnerabilidad de inyección SQL en oretnom23 Judging Management System v1.0, permite a atacantes remotos ejecutar código arbitrario y obtener información confidencial a través del parámetro sub_event_id en sub_event_stat_update.php. • https://github.com/Pings1031/cve_report/blob/main/judging-management-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30015
https://notcve.org/view.php?id=CVE-2023-30015
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via txtsearch parameter in review_search.php. Vulnerabilidad de inyección SQL en oretnom23 Judging Management System v1.0, permite a atacantes remotos ejecutar código arbitrario y obtener información confidencial a través del parámetro txtsearch en review_search.php. • https://github.com/Pings1031/cve_report/blob/main/judging-management-system/SQLi-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •