CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 3CVE-2024-2069 – SourceCodester FAQ Management System delete-faq.php sql injection
https://notcve.org/view.php?id=CVE-2024-2069
A vulnerability classified as critical has been found in SourceCodester FAQ Management System 1.0. Affected is an unknown function of the file /endpoint/delete-faq.php. The manipulation of the argument faq leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/RomanRybachek/CVE-2024-20698 https://github.com/clearbluejar/CVE-2024-20696 https://github.com/smurf-reigz/security/blob/main/proof-of-concepts/SOURCECODESTER%20%5BFAQ%20Management%20System%20Using%20PHP%20and%20MySQL%5D%20SQLi%20on%20delete-faq.php.md https://vuldb.com/?ctiid.255384 https://vuldb.com/?id.255384 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2068 – SourceCodester Computer Inventory System update-computer.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-2068
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may be initiated remotely. • https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Computer%20Inventory%20System%20Using%20PHP/STORED%20XSS%20upadte-computer.php%20.md https://vuldb.com/?ctiid.255383 https://vuldb.com/?id.255383 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2067 – SourceCodester Computer Inventory System delete-computer.php sql injection
https://notcve.org/view.php?id=CVE-2024-2067
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-computer.php. The manipulation of the argument computer leads to sql injection. The attack can be initiated remotely. • https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Computer%20Inventory%20System%20Using%20PHP/SQL%20Injection%20delete-computer.php%20.md https://vuldb.com/?ctiid.255382 https://vuldb.com/?id.255382 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 3CVE-2024-2066 – SourceCodester Computer Inventory System add-computer.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-2066
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-computer.php. The manipulation of the argument model leads to cross site scripting. It is possible to initiate the attack remotely. • https://github.com/nnotwen/Script-For-CVE-2024-20666 https://github.com/invaderslabs/CVE-2024-20666 https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Computer%20Inventory%20System%20Using%20PHP/STORED%20XSS%20add-computer.php%20.md https://vuldb.com/?ctiid.255381 https://vuldb.com/?id.255381 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 2CVE-2024-2065 – SourceCodester Barangay Population Monitoring System update-resident.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-2065
A vulnerability was found in SourceCodester Barangay Population Monitoring System up to 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /endpoint/update-resident.php. The manipulation of the argument full_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Wh04m1001/CVE-2024-20656 https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Barangay%20Population%20Monitoring%20System/Stored%20XSS%20update-resident.php%20.md https://vuldb.com/?ctiid.255380 https://vuldb.com/?id.255380 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •