CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7287 – SourceCodester Establishment Billing Management System manage_user.php sql injection
https://notcve.org/view.php?id=CVE-2024-7287
A vulnerability was found in SourceCodester Establishment Billing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. • https://gist.github.com/topsky979/d4684a6cf3ca446bb7c71c51ff6152ba https://vuldb.com/?ctiid.273156 https://vuldb.com/?id.273156 https://vuldb.com/?submit.381469 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7286 – SourceCodester Establishment Billing Management System Login sql injection
https://notcve.org/view.php?id=CVE-2024-7286
A vulnerability was found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. • https://gist.github.com/topsky979/da1899833a862fb19fcc146b6725a67b https://vuldb.com/?ctiid.273155 https://vuldb.com/?id.273155 https://vuldb.com/?submit.381468 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7285 – SourceCodester Establishment Billing Management System cross site scripting
https://notcve.org/view.php?id=CVE-2024-7285
A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_settings. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. • https://gist.github.com/topsky979/e2fa238262fcafdd8e301c32ee9f8e3a https://vuldb.com/?ctiid.273154 https://vuldb.com/?id.273154 https://vuldb.com/?submit.381467 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7284 – SourceCodester Lot Reservation Management System cross site scripting
https://notcve.org/view.php?id=CVE-2024-7284
A vulnerability, which was classified as problematic, was found in SourceCodester Lot Reservation Management System 1.0. This affects an unknown part of the file /admin/ajax.php?action=save_settings. The manipulation of the argument about leads to cross site scripting. It is possible to initiate the attack remotely. • https://gist.github.com/topsky979/16da371a38fd91d64765fd16ed3d049e https://vuldb.com/?ctiid.273153 https://vuldb.com/?id.273153 https://vuldb.com/?submit.381223 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7283 – SourceCodester Lot Reservation Management System manage_user.php sql injection
https://notcve.org/view.php?id=CVE-2024-7283
A vulnerability, which was classified as critical, has been found in SourceCodester Lot Reservation Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/manage_user.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://gist.github.com/topsky979/0cda40ceee628634e4bc984cc5651b51 https://vuldb.com/?ctiid.273152 https://vuldb.com/?id.273152 https://vuldb.com/?submit.381199 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •