CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5814 – SourceCodester Task Reminder System sql injection
https://notcve.org/view.php?id=CVE-2023-5814
A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been classified as critical. This affects an unknown part of the file /classes/Master.php?f=save_reminder. The manipulation of the argument id leads to sql injection. • https://vuldb.com/?ctiid.243645 https://vuldb.com/?id.243645 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5813 – SourceCodester Task Reminder System sql injection
https://notcve.org/view.php?id=CVE-2023-5813
A vulnerability was found in SourceCodester Task Reminder System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=delete_reminder. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. • https://vuldb.com/?ctiid.243644 https://vuldb.com/?id.243644 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46435
https://notcve.org/view.php?id=CVE-2023-46435
Sourcecodester Packers and Movers Management System v1.0 is vulnerable to SQL Injection via mpms/?p=services/view_service&id. Sourcecodester Packers and Movers Management System v1.0 es vulnerable a la inyección SQL a través de mpms/?p=services/view_service&id. • https://github.com/kirra-max/bug_reports/blob/main/packers-and-movers-management-system-phpoop-free-source-code/SQL-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-44824
https://notcve.org/view.php?id=CVE-2023-44824
An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component. Un problema en Expense Management System v.1.0 permite a un atacante local ejecutar código arbitrario a través de un archivo manipulado subido al componente sign-up.php. • https://abstracted-howler-727.notion.site/CVE-2023-44824-ab76909b4a0e477b87aa8d0ca4aa4ca7 https://abstracted-howler-727.notion.site/Vulnerability-Description-ccc2e6489a0d43859c61a7982e649da1 https://gist.github.com/Muscial/e46c4e4031d25a3684cda124dfc45d96 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5585 – SourceCodester Online Motorcycle Rental System Bike List cross site scripting
https://notcve.org/view.php?id=CVE-2023-5585
A vulnerability was found in SourceCodester Online Motorcycle Rental System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/?page=bike of the component Bike List. The manipulation of the argument Model with the input "><script>confirm (document.cookie)</script> leads to cross site scripting. • https://vuldb.com/?ctiid.242170 https://vuldb.com/?id.242170 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •