| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Sourcecodester Simple Forum Website v1.0 has a SQL injection vulnerability in /php-sqlite-forum/?page=manage_user&id=. |
| SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POST request to /emloyee_akpoly/Account/login.php. |
| SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to SQL Injection in /msrps/movies.php. |
| Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the page parameter to php-lfis/admin/index.php. |
| SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via id parameter to php-lfis/admin/categories/view_category.php. |
| A SQL injection vulnerability was found in 'ajax.php' of Sourcecodester Simple Library Management System 1.0. This vulnerability stems from insufficient user input validation of the 'username' parameter, allowing attackers to inject malicious SQL queries. |
| SourceCodester Survey Application System 1.0 is vulnerable to SQL Injection in takeSurvey.php via the id parameter. |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Information parameter. |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name parameter. |
| SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" under Add Users. |
| SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User. |
| SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User. |
| SourceCodester Product Show Room 1.0 and before is vulnerable to Cross Site Scripting (XSS) via "Middle Name" under Add Users. |
| SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" under Add Users. |
| SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Middle Name" parameter in Create User. |
| A vulnerability classified as problematic was found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this vulnerability is an unknown functionality of the file addNominee.php of the component Add Nominee Page. The manipulation of the argument Nominee-Client ID leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
| Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter. |
| Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation. |
| Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the searccountry parameter. |
| Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource Management System 1.0 allow attackers to approve or reject leave ticket. |
