CVE-2024-3440 – SourceCodester Prison Management System edit_profile.php sql injection
https://notcve.org/view.php?id=CVE-2024-3440
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/edit_profile.php. The manipulation leads to SQL injection. The attack can be launched remotely.
• https://github.com/fubxx/CVE/blob/main/PrisonManagementSystemSQL3.md https://vuldb.com/?ctiid.259693 https://vuldb.com/?id.259693 https://vuldb.com/?submit.312207
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-3439 – SourceCodester Prison Management System login.php sql injection
https://notcve.org/view.php?id=CVE-2024-3439
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Account/login.php. The manipulation leads to SQL injection. It is possible to launch the attack remotely.
• https://github.com/fubxx/CVE/blob/main/PrisonManagementSystemSQL2.md https://vuldb.com/?ctiid.259692 https://vuldb.com/?id.259692 https://vuldb.com/?submit.312204
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-3438 – SourceCodester Prison Management System login.php sql injection
https://notcve.org/view.php?id=CVE-2024-3438
A vulnerability was found in SourceCodester Prison Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /Admin/login.php. The manipulation leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
• https://github.com/fubxx/CVE/blob/main/PrisonManagementSystemSQL1.md https://vuldb.com/?ctiid.259691 https://vuldb.com/?id.259691 https://vuldb.com/?submit.312203
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-3437 – SourceCodester Prison Management System Avatar add-admin.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-3437
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /Admin/add-admin.php of the component Avatar Handler. The manipulation of the argument avatar leads to unrestricted upload. The attack may be initiated remotely.
• https://github.com/fubxx/CVE/blob/main/PrisonManagementSystemRCE2.md https://vuldb.com/?ctiid.259631 https://vuldb.com/?id.259631 https://vuldb.com/?submit.311920
• CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2024-3436 – SourceCodester Prison Management System Avatar edit-photo.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-3436
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Admin/edit-photo.php of the component Avatar Handler. The manipulation of the argument avatar leads to unrestricted upload. The attack can be initiated remotely.
• https://github.com/fubxx/CVE/blob/main/PrisonManagementSystemRCE.md https://vuldb.com/?ctiid.259630 https://vuldb.com/?id.259630 https://vuldb.com/?submit.311919
• CWE-434: Unrestricted Upload of File with Dangerous Type