CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7678 – SourceCodester Car Driving School Management System Master.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-7678
A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_package. The manipulation of the argument name/description/training_duration leads to cross site scripting. • https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20XSS-2.md https://vuldb.com/?ctiid.274130 https://vuldb.com/?id.274130 https://vuldb.com/?submit.388833 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7677 – SourceCodester Car Driving School Management System SystemSettings.php update_settings_info cross site scripting
https://notcve.org/view.php?id=CVE-2024-7677
A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument contact/address leads to cross site scripting. • https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20XSS-1.md https://vuldb.com/?ctiid.274129 https://vuldb.com/?id.274129 https://vuldb.com/?submit.388832 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7676 – Sourcecodester Car Driving School Management System Master.php save_package sql injection
https://notcve.org/view.php?id=CVE-2024-7676
A vulnerability was found in Sourcecodester Car Driving School Management System 1.0. It has been classified as critical. Affected is the function save_package of the file /classes/Master.php?f=save_package. The manipulation of the argument id leads to sql injection. • https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20SQL%20Injection-8.md https://vuldb.com/?ctiid.274128 https://vuldb.com/?id.274128 https://vuldb.com/?submit.388831 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7669 – SourceCodester Car Driving School Management System Master.php delete_enrollment sql injection
https://notcve.org/view.php?id=CVE-2024-7669
A vulnerability was found in SourceCodester Car Driving School Management System 1.0 and classified as critical. This issue affects the function delete_enrollment of the file Master.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20SQL%20Injection-7.md https://vuldb.com/?ctiid.274127 https://vuldb.com/?id.274127 https://vuldb.com/?submit.388773 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7668 – SourceCodester Car Driving School Management System Master.php delete_package sql injection
https://notcve.org/view.php?id=CVE-2024-7668
A vulnerability has been found in SourceCodester Car Driving School Management System 1.0 and classified as critical. This vulnerability affects the function delete_package of the file Master.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20SQL%20Injection-6.md https://vuldb.com/?ctiid.274126 https://vuldb.com/?id.274126 https://vuldb.com/?submit.388772 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •