Page 7 of 170 results (0.009 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been classified as critical. This affects an unknown part of the file /classes/Master.php?f=save_reminder. The manipulation of the argument id leads to sql injection. • https://vuldb.com/?ctiid.243645 https://vuldb.com/?id.243645 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability was found in SourceCodester Task Reminder System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=delete_reminder. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. • https://vuldb.com/?ctiid.243644 https://vuldb.com/?id.243644 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Sourcecodester Packers and Movers Management System v1.0 is vulnerable to SQL Injection via mpms/?p=services/view_service&id. Sourcecodester Packers and Movers Management System v1.0 es vulnerable a la inyección SQL a través de mpms/?p=services/view_service&id. • https://github.com/kirra-max/bug_reports/blob/main/packers-and-movers-management-system-phpoop-free-source-code/SQL-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component. Un problema en Expense Management System v.1.0 permite a un atacante local ejecutar código arbitrario a través de un archivo manipulado subido al componente sign-up.php. • https://abstracted-howler-727.notion.site/CVE-2023-44824-ab76909b4a0e477b87aa8d0ca4aa4ca7 https://abstracted-howler-727.notion.site/Vulnerability-Description-ccc2e6489a0d43859c61a7982e649da1 https://gist.github.com/Muscial/e46c4e4031d25a3684cda124dfc45d96 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

A vulnerability was found in SourceCodester Online Motorcycle Rental System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/?page=bike of the component Bike List. The manipulation of the argument Model with the input "><script>confirm (document.cookie)</script> leads to cross site scripting. • https://vuldb.com/?ctiid.242170 https://vuldb.com/?id.242170 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •