CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9952 – SourceCodester Online Eyewear Shop Contact Information Page contact_info cross site scripting
https://notcve.org/view.php?id=CVE-2024-9952
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/?page=system_info/contact_info of the component Contact Information Page. The manipulation of the argument Address leads to cross site scripting. The attack may be initiated remotely. • https://gist.github.com/higordiego/bedd395e74a335f0145872c96d7cb92d https://vuldb.com/?ctiid.280319 https://vuldb.com/?id.280319 https://vuldb.com/?submit.423229 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9906 – SourceCodester Online Eyewear Shop cross site scripting
https://notcve.org/view.php?id=CVE-2024-9906
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument Code leads to cross site scripting. It is possible to launch the attack remotely. • https://gist.github.com/higordiego/1c1e1709a6832cb63bbe9e9328f55ff9 https://vuldb.com/?ctiid.280182 https://vuldb.com/?id.280182 https://vuldb.com/?submit.422612 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9905 – SourceCodester Online Eyewear Shop sql injection
https://notcve.org/view.php?id=CVE-2024-9905
A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://gist.github.com/higordiego/8679961c9d732e4068aaa37fd8d01439 https://vuldb.com/?ctiid.280181 https://vuldb.com/?id.280181 https://vuldb.com/?submit.422606 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9818 – SourceCodester Online Veterinary Appointment System manage_category.php sql injection
https://notcve.org/view.php?id=CVE-2024-9818
A vulnerability classified as critical has been found in SourceCodester Online Veterinary Appointment System 1.0. Affected is an unknown function of the file /admin/categories/manage_category.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/fezzyang/CVE_report/blob/main/online-veterinary-appointment-system/SQLi.md https://vuldb.com/?ctiid.279972 https://vuldb.com/?id.279972 https://vuldb.com/?submit.421548 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9810 – SourceCodester Record Management System sort2_user.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-9810
A vulnerability was found in SourceCodester Record Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file sort2_user.php. The manipulation of the argument qualification leads to cross site scripting. The attack may be launched remotely. • https://github.com/GangZhou1/VUL/blob/main/Record-Management-System-1.md https://vuldb.com/?ctiid.279962 https://vuldb.com/?id.279962 https://vuldb.com/?submit.420806 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •