CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10192 – PHPGurukul IFSC Code Finder Project search.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-10192
A vulnerability has been found in PHPGurukul IFSC Code Finder Project 1.0 and classified as problematic. This vulnerability affects unknown code of the file search.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/phpgurukul_ifsc_code_finder_search_xss.md https://phpgurukul.com https://vuldb.com/?ctiid.280966 https://vuldb.com/?id.280966 https://vuldb.com/?submit.426759 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 3CVE-2021-42224 – IFSC Code Finder Project 1.0 SQL Injection
https://notcve.org/view.php?id=CVE-2021-42224
SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php. Se presenta una vulnerabilidad de inyección SQL en IFSC Code Finder Project versión 1.0, por medio del parámetro searchifsccode POST en el archivo /search.php IFSC Code Finder Project version 1.0 suffers from a remote SQL injection vulnerability. • http://packetstormsecurity.com/files/164514/IFSC-Code-Finder-Project-1.0-SQL-Injection.html https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42224 https://www.exploit-db.com/exploits/50391 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •