Page 44 of 507 results (0.003 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical was found in SourceCodester Lot Reservation Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/manage_model.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://gist.github.com/topsky979/16181c02e770952091a36784da530eab https://vuldb.com/?ctiid.273151 https://vuldb.com/?id.273151 https://vuldb.com/?submit.381198 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in SourceCodester Lot Reservation Management System 1.0. Affected is an unknown function of the file /admin/index.php?page=manage_lot. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. • https://gist.github.com/topsky979/13cfd55966ffe12c8904de995400fc33 https://vuldb.com/?ctiid.273150 https://vuldb.com/?id.273150 https://vuldb.com/?submit.381197 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/view_reserved.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://gist.github.com/topsky979/c4e972f03739833ad2d111493f44138b https://vuldb.com/?ctiid.273149 https://vuldb.com/?id.273149 https://vuldb.com/?submit.381196 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. • https://gist.github.com/topsky979/8eb5a3711f4802b2b05ae3702addb61e https://vuldb.com/?ctiid.273148 https://vuldb.com/?id.273148 https://vuldb.com/?submit.381195 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Medicine Tracker System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=save_user of the component Password Change Handler. The manipulation leads to cross-site request forgery. • https://vuldb.com/?id.272806 https://vuldb.com/?ctiid.272806 https://vuldb.com/?submit.380981 https://github.com/Xu-Mingming/cve/blob/main/CSRF2.md • CWE-352: Cross-Site Request Forgery (CSRF) •