CVE-2024-8154 – SourceCodester QR Code Bookmark System Parameter update-bookmark.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-8154
A vulnerability classified as problematic has been found in SourceCodester QR Code Bookmark System 1.0. Affected is an unknown function of the file /endpoint/update-bookmark.php of the component Parameter Handler. The manipulation of the argument tbl_bookmark_id/name/url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jadu101/CVE/blob/main/SourceCodester_QR_Code_Bookmark_System_update_bookmark_XSS.md https://vuldb.com/?ctiid.275742 https://vuldb.com/?id.275742 https://vuldb.com/?submit.397580 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-8153 – SourceCodester QR Code Bookmark System delete-bookmark.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-8153
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/delete-bookmark.php. The manipulation of the argument bookmark leads to cross site scripting. The attack may be initiated remotely. • https://github.com/jadu101/CVE/blob/main/SourceCodester_QR_Code_Bookmark_System_delete_bookmark_XSS.md https://vuldb.com/?ctiid.275741 https://vuldb.com/?id.275741 https://vuldb.com/?submit.397579 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-8152 – SourceCodester QR Code Bookmark System Parameter add-bookmark.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-8152
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /endpoint/add-bookmark.php of the component Parameter Handler. The manipulation of the argument name/url leads to cross site scripting. The attack can be initiated remotely. • https://github.com/jadu101/CVE/blob/main/SourceCodester_QR_Code_Bookmark_System_add_bookmark_XSS.md https://vuldb.com/?ctiid.275740 https://vuldb.com/?id.275740 https://vuldb.com/?submit.397575 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-3797 – SourceCodester QR Code Bookmark System sql injection
https://notcve.org/view.php?id=CVE-2024-3797
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-bookmark.php?bookmark=1. The manipulation of the argument bookmark leads to sql injection. • https://github.com/BurakSevben/CVEs/blob/main/QR%20Code%20Bookmark%20System/QR%20Code%20Bookmark%20System%20-%20SQL%20Injection.md https://vuldb.com/?ctiid.260764 https://vuldb.com/?id.260764 https://vuldb.com/?submit.316322 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •