CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7069 – SourceCodester Employee and Visitor Gate Pass Logging System sql injection
https://notcve.org/view.php?id=CVE-2024-7069
24 Jul 2024 — A vulnerability, which was classified as critical, has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. This issue affects some unknown processing of the file /employee_gatepass/classes/Master.php?f=delete_department. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://github.com/pineapple65/cve/blob/main/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6967 – SourceCodester Employee and Visitor Gate Pass Logging System sql injection
https://notcve.org/view.php?id=CVE-2024-6967
22 Jul 2024 — A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been classified as critical. This affects an unknown part of the file /employee_gatepass/admin/?page=employee/manage_employee. The manipulation of the argument id leads to sql injection. • https://github.com/rtsjx-cve/cve/blob/main/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31752
https://notcve.org/view.php?id=CVE-2023-31752
23 May 2023 — SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employee_gatepass/classes/Login.php. • https://github.com/4O4NtFd/bug_report/blob/main/SQLI2/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2090 – SourceCodester Employee and Visitor Gate Pass Logging System GET Parameter view_designation.php sql injection
https://notcve.org/view.php?id=CVE-2023-2090
15 Apr 2023 — A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is an unknown function of the file /admin/maintenance/view_designation.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/4O4NtFd/bug_report/blob/main/SQLI1/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2021-46309
https://notcve.org/view.php?id=CVE-2021-46309
21 Jan 2022 — An SQL Injection vulnerability exists in Sourcecodester Employee and Visitor Gate Pass Logging System 1.0 via the username parameter. Se presenta una vulnerabilidad de inyección SQL en Sourcecodester Employee and Visitor Gate Pass Logging System versión 1.0, por medio del parámetro username • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Employee-and-Visitor-Gate-Pass-Logging • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •