CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2075 – SourceCodester Daily Habit Tracker update-tracker.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-2075
A vulnerability was found in SourceCodester Daily Habit Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/update-tracker.php. The manipulation of the argument day leads to cross site scripting. The attack can be launched remotely. • https://github.com/vanitashtml/CVE-Dumps/blob/main/Stored%20XSS%20Daily%20Habit%20Tracker.md https://vuldb.com/?ctiid.255391 https://vuldb.com/?id.255391 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2073 – SourceCodester Block Inserter for Dynamic Content view_post.php sql injection
https://notcve.org/view.php?id=CVE-2024-2073
A vulnerability has been found in SourceCodester Block Inserter for Dynamic Content 1.0 and classified as critical. This vulnerability affects unknown code of the file view_post.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/vanitashtml/CVE-Dumps/blob/main/Block%20Inserter%20for%20Dynamic%20Content%20-%20Sql%20Injection.md https://vuldb.com/?ctiid.255388 https://vuldb.com/?id.255388 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2072 – SourceCodester Flashcard Quiz App update-flashcard.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-2072
A vulnerability, which was classified as problematic, was found in SourceCodester Flashcard Quiz App 1.0. This affects an unknown part of the file /endpoint/update-flashcard.php. The manipulation of the argument question/answer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/smurf-reigz/security/blob/main/proof-of-concepts/SOURCECODESTER%20%5BFlashcard%20Quiz%20App%20Using%20PHP%20and%20MySQL%5D%20XSS%20on%20update-flashcard.php.md https://vuldb.com/?ctiid.255387 https://vuldb.com/?id.255387 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2071 – SourceCodester FAQ Management System Update FAQ cross site scripting
https://notcve.org/view.php?id=CVE-2024-2071
A vulnerability, which was classified as problematic, has been found in SourceCodester FAQ Management System 1.0. Affected by this issue is some unknown functionality of the component Update FAQ. The manipulation of the argument Frequently Asked Question leads to cross site scripting. The attack may be launched remotely. VDB-255386 is the identifier assigned to this vulnerability. • https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/faq-management-system.md https://vuldb.com/?ctiid.255386 https://vuldb.com/?id.255386 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2070 – SourceCodester FAQ Management System add-faq.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-2070
A vulnerability classified as problematic was found in SourceCodester FAQ Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-faq.php. The manipulation of the argument question/answer leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/smurf-reigz/security/blob/main/proof-of-concepts/SOURCECODESTER%20%5BFAQ%20Management%20System%20Using%20PHP%20and%20MySQL%5D%20XSS%20on%20add-faq.php.md https://vuldb.com/?ctiid.255385 https://vuldb.com/?id.255385 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •