
k0xx11/bug_report
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 8.1 HIGH | — | ||
Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php. | |||
| 9.8 CRITICAL | — | ||
Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark/editbrand.php?id=. | |||
| 9.8 CRITICAL | — | ||
Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event_id parameter at /php-jms/result_sheet.php. | |||
| 9.8 CRITICAL | — | ||
Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the judge_id parameter at /php-jms/edit_judge.php. | |||
| 6.3 MEDIUM | 6.5 MEDIUM | ||
A vulnerability was found in SourceCodester Judging Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file summary_results.php. The manipulation of the argument main_event_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223549 was assigned to this vulnerability. | |||
| 7.2 HIGH | — | ||
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manage_user&id=. | |||
| 7.2 HIGH | — | ||
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage. | |||
| 8.8 HIGH | — | ||
Wedding Planner v1.0 is vulnerable to arbitrary code execution via users_profile.php. | |||
| 9.8 CRITICAL | — | ||
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /librarian/del.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at /staff/delstu.php. | |||
| 9.8 CRITICAL | — | ||
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /staff/delete.php. | |||
| 9.8 CRITICAL | — | ||
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /student/dele.php. | |||
| 9.8 CRITICAL | — | ||
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the title parameter at /librarian/history.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_service. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_train. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_message. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation. | |||
| 6.3 MEDIUM | 6.5 MEDIUM | ||
A vulnerability was found in SourceCodester Library Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /librarian/bookdetails.php. The manipulation of the argument id with the input ' AND (SELECT 9198 FROM (SELECT(SLEEP(5)))iqZA)-- PbtB leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=edit&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_classroom.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_grade.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject_routing.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_admin_profile.php?my_index=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam_timetable.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_events.php?event_id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_timetable.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher_profile.php?my_index=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_parents_profile.php?my_index=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_student_subject.php?index=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/view_category.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_category.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_inquiry. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/view_product&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=user/manage_user&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_field_order.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_category. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/manage_field.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/manage_product&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/view_field.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/view_inquiry&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/patients/manage_patient.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_message. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/view_room.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_doctor. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_history. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_room_type. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_admission. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via hprms/admin/room_types/manage_room_type.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/room_types/view_room_type.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/view_doctor.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/doctors/manage_doctor.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=user/manage_user&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/manage_room.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/sales/receipt.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/view_category.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_menu. | |||
| 9.1 CRITICAL | 6.4 MEDIUM | ||
Fast Food Ordering System v1.0 is vulnerable to Delete any file via /ffos/classes/Master.php?f=delete_img. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/?page=patients/view_patient&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental-management-system/admin/ajax.php?action=save_car. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-system/admin/ajax.php?action=login. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_booking.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_movement.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via ip/car-rental-management-system/admin/ajax.php?action=save_settings. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/view_car.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=hiring&search=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=result&searchfor=bytitle. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/index.php?page=manage_car&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_user.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system/booking.php?car_id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=reports/daily_services_report&date=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_court_rental_report&date=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/applicants/index.php?view=view&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/user/index.php?view=edit&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/vacancy/index.php?view=edit&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/company/index.php?view=edit&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=result&searchfor=bycompany. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=category&search=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=result&searchfor=byfunction. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_sales_report&date=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/employee/index.php?view=edit&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/category/index.php?view=edit&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=user/manage_user&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_product. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_court. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=sales/view_details&id. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/classes/Master.php?f=delete_service. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=court_rentals/view_court_rental&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/manage_product.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/view_details&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/manage_service_transaction&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/view_product.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/courts/manage_court.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/courts/view_court.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=sales/manage_sale&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/services/view_service.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/services/manage_service.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_action.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view_request&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_inquiry. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_report. | |||
| 6.5 MEDIUM | 5.5 MEDIUM | ||
Online Fire Reporting System v1.0 is vulnerable to Delete any file via /ofrs/classes/Master.php?f=delete_img. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=responses/view_response&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=responses/manage_response&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=user/manage_user&id=. | |||
| 6.5 MEDIUM | 5.5 MEDIUM | ||
ChatBot App with Suggestion v1.0 is vulnerable to Delete any file via /simple_chat_bot/classes/Master.php?f=delete_img. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/respondent_types/manage_respondent_type.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/respondent_types/view_respondent_type.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/view_incident.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/manage_incident.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/teams/manage_team.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/teams/view_team.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/manage_report.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/view_report.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL injection via /rdms/classes/Master.php?f=delete_incident. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_respondent_type. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_team. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_request. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manage_user&id=. | |||
| 9.1 CRITICAL | 6.4 MEDIUM | ||
Rescue Dispatch Management System v1.0 is vulnerable to Delete any file via /rdms/classes/Master.php?f=delete_img. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_team. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=get_vehicle_service. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/services/view_service.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 by oretnom23 has SQL injection in /ocwbs/admin/services/manage_service.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 by oretnom23 has SQL injection via /ocwbs/admin/services/manage_price.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/vehicles/manage_vehicle.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/bookings/update_status.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_vehicle. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_service. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=user/manage_user&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_booking. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=bookings/view_details&id=. | |||
| 6.5 MEDIUM | 5.5 MEDIUM | ||
Online Car Wash Booking System v1.0 is vulnerable to Delete any file via /ocwbs/classes/Master.php?f=delete_img. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/table_edit_ajax.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/index.php?view=edit&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System By janobe 2.3.2 is vulnerable to SQL Injection via /ordering/admin/orders/loaddata.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/loaddata.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/category/index.php?view=edit&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/user/index.php?view=edit&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/login.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System By janobe 2.3.2 has SQL Injection via /ordering/admin/products/index.php?view=edit&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System By janobe 2.3.2 is vulnerable to SQL Injection via /ordering/index.php?q=products&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/admin/select.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/budget.php?booking_id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_manage_account_details.php?booking_id=31&user_id= | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_edit.php?booking=31&user_id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_assign.php?booking=31&user_id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/wedding_details.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\feature_edit.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\users_edit.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\client_edit.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blog_events_edit.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "users_profile.php" file. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
In Wedding Management System v1.0, the editing function of the "Services" module in the background management system has an arbitrary file upload vulnerability in the picture upload point of "package_edit.php" file. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "users_edit.php" file. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "photos_edit.php" file. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blog_events_edit.php?id=31. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_sidebar.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar= | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php. | |||
| 6.5 MEDIUM | 5.5 MEDIUM | ||
elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=. | |||
| 6.5 MEDIUM | 5.5 MEDIUM | ||
Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master.php?f=delete_img. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and-inventory-system/manage_user.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_cart. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory. | |||
| 6.5 MEDIUM | 5.5 MEDIUM | ||
Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manage_user&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/view_post&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=. | |||
| 6.5 MEDIUM | 5.5 MEDIUM | ||
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=delete_img. | |||
| 6.5 MEDIUM | 5.5 MEDIUM | ||
Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=delete_img. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_cargo_type.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type. | |||
| 7.2 HIGH | 6.5 MEDIUM | ||
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?recipt_no=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Money Transfer Management System 1.0 is vulnerable to SQL Injection via the id parameter at /mtms/admin/?page=transaction/send&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_fee. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_transaction. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_facility. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/manage_category.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via the id parameter at /cms/admin/?page=invoice/manage_invoice&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=. | |||
| 6.5 MEDIUM | 4 MEDIUM | ||
KiteCMS v1.1.1 was discovered to contain an arbitrary file read vulnerability via the background management module. | |||
| 7.5 HIGH | 5 MEDIUM | ||
UCMS v1.6 was discovered to contain an arbitrary file read vulnerability. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&&action=delete&userid=4. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=User&userid=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=delete&msgid=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Hide&userid=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&action=displaygoal&value=1&roleid=1. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Show&userid=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=display&value=0&sid=2. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&social=remove&sid=2. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=read&msgid=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php&action=edit&roleid=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php&action=display&value=1&roleid=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&find=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=delete. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=edit. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=posts&action=display&value=1&postid=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via BabyCare/admin.php?id=theme&setid=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_collection. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_member. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Car Driving School Management System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_enrollment. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Car Driving School Management System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_package. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/admin/?page=agents/manage_agent. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Users.php?f=delete_agent. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_estate. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_type. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Master.php?f=delete_amenity. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=student_p&id=. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=school_year. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=grade. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_supplier. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_item. | |||
| 9.8 CRITICAL | 7.5 HIGH | ||
Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /purchase_order/admin/?page=user. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_edit.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_edit.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\schedule_edit.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\overtime_edit.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\deduction_edit.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\cashadvance_edit.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_edit.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\schedule_employee_edit.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_delete.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\schedule_delete.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\overtime_delete.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_delete.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_delete.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\cashadvance_delete.php. | |||
| 8.8 HIGH | 6.5 MEDIUM | ||
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_delete.php. | |||