CVE-2023-2347 – SourceCodester Service Provider Management System manage_service.php sql injection
https://notcve.org/view.php?id=CVE-2023-2347
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/services/manage_service.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. • https://github.com/E1CHO/cve_hub/blob/main/Service%20Provider%20Management%20System/Service%20Provider%20Management%20System%20-%20vuln%202.pdf https://vuldb.com/?ctiid.227590 https://vuldb.com/?id.227590 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-2346 – SourceCodester Service Provider Management System view_inquiry.php sql injection
https://notcve.org/view.php?id=CVE-2023-2346
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/inquiries/view_inquiry.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/E1CHO/cve_hub/blob/main/Service%20Provider%20Management%20System/Service%20Provider%20Management%20System%20-%20vuln%201.pdf https://vuldb.com/?ctiid.227589 https://vuldb.com/?id.227589 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-2345 – SourceCodester Service Provider Management System improper authorization
https://notcve.org/view.php?id=CVE-2023-2345
A vulnerability was found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=delete_inquiry. The manipulation leads to improper authorization. The attack may be launched remotely. • https://vuldb.com/?ctiid.227588 https://vuldb.com/?id.227588 • CWE-285: Improper Authorization •
CVE-2023-2344 – SourceCodester Service Provider Management System HTTP POST Request sql injection
https://notcve.org/view.php?id=CVE-2023-2344
A vulnerability has been found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=save_service of the component HTTP POST Request Handler. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. • http://cdn.polowong.top/image-20230427193041378.png https://vuldb.com/?ctiid.227587 https://vuldb.com/?id.227587 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •