CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-34666
https://notcve.org/view.php?id=CVE-2023-34666
Cross-site scripting (XSS) vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter. • https://www.exploit-db.com/exploits/49204 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 14%CPEs: 1EXPL: 3CVE-2022-29009
https://notcve.org/view.php?id=CVE-2022-29009
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication. Múltiples vulnerabilidades de inyección SQL por medio de los parámetros username y password en el panel de administración de Cyber Cafe Management System Project versión v1.0, permiten a atacantes omitir la autenticación • https://github.com/sudoninja-noob/CVE-2022-29009 https://github.com/sudoninja-noob/CVE-2022-29009/blob/main/CVE-2022-29009.txt https://www.exploit-db.com/exploits/50355 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •