CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7167 – SourceCodester School Fees Payment System manage_course.php sql injection
https://notcve.org/view.php?id=CVE-2024-7167
A vulnerability was found in SourceCodester School Fees Payment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /manage_course.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. • https://gist.github.com/topsky979/69a797bc0b33fc19144a727a0be31685 https://vuldb.com/?ctiid.272581 https://vuldb.com/?id.272581 https://vuldb.com/?submit.380181 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7166 – SourceCodester School Fees Payment System receipt.php sql injection
https://notcve.org/view.php?id=CVE-2024-7166
A vulnerability was found in SourceCodester School Fees Payment System 1.0. It has been classified as critical. Affected is an unknown function of the file /receipt.php. The manipulation of the argument ef_id leads to sql injection. It is possible to launch the attack remotely. • https://gist.github.com/topsky979/8ab4ff5ffb2a555694931d14329f5a5d https://vuldb.com/?ctiid.272580 https://vuldb.com/?id.272580 https://vuldb.com/?submit.380180 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7165 – SourceCodester School Fees Payment System view_payment.php sql injection
https://notcve.org/view.php?id=CVE-2024-7165
A vulnerability was found in SourceCodester School Fees Payment System 1.0 and classified as critical. This issue affects some unknown processing of the file /view_payment.php. The manipulation of the argument ef_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://gist.github.com/topsky979/efe8fa56e557bf3244909f348d5874f7 https://vuldb.com/?ctiid.272579 https://vuldb.com/?id.272579 https://vuldb.com/?submit.380179 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7164 – SourceCodester School Fees Payment System sql injection
https://notcve.org/view.php?id=CVE-2024-7164
A vulnerability has been found in SourceCodester School Fees Payment System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=login. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. • https://gist.github.com/topsky979/d53eab0322b187bfe151b3f1f31958e2 https://vuldb.com/?ctiid.272578 https://vuldb.com/?id.272578 https://vuldb.com/?submit.380174 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7080 – SourceCodester Insurance Management System direct request
https://notcve.org/view.php?id=CVE-2024-7080
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack can be launched remotely. • https://github.com/Xu-Mingming/cve/blob/main/bianli.md https://vuldb.com/?ctiid.272365 https://vuldb.com/?id.272365 https://vuldb.com/?submit.379487 • CWE-425: Direct Request ('Forced Browsing') •