tubakvgc/CVEs

Releases0

Stars13

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-25318 ↗	Feb 9, 2024Friday, 9 February 2024, 14:15	8.8 HIGH	—
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2.
CVE-2024-25310 ↗	Feb 9, 2024Friday, 9 February 2024, 14:15	8.8 HIGH	—
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."
CVE-2024-25302 ↗	Feb 9, 2024Friday, 9 February 2024, 14:15	9.8 CRITICAL	—
Sourcecodester Event Student Attendance System 1.0, allows SQL Injection via the 'student' parameter.
CVE-2024-25316 ↗	Feb 9, 2024Friday, 9 February 2024, 14:15	9.8 CRITICAL	—
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2.
CVE-2024-25315 ↗	Feb 9, 2024Friday, 9 February 2024, 14:15	9.8 CRITICAL	—
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2.
CVE-2024-25314 ↗	Feb 9, 2024Friday, 9 February 2024, 14:15	9.8 CRITICAL	—
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2.
CVE-2024-25307 ↗	Feb 9, 2024Friday, 9 February 2024, 14:15	9.8 CRITICAL	—
Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "/Cinema-Reservation/booking.php?id=1."
CVE-2024-25309 ↗	Feb 9, 2024Friday, 9 February 2024, 13:15	8.8 HIGH	—
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php.
CVE-2024-25308 ↗	Feb 9, 2024Friday, 9 February 2024, 13:15	8.8 HIGH	—
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php.
CVE-2024-25312 ↗	Feb 9, 2024Friday, 9 February 2024, 13:15	8.8 HIGH	—
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5."
CVE-2024-25313 ↗	Feb 9, 2024Friday, 9 February 2024, 13:15	8.8 HIGH	—
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php.
CVE-2024-25306 ↗	Feb 9, 2024Friday, 9 February 2024, 13:15	8.8 HIGH	—
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php".
CVE-2024-25305 ↗	Feb 9, 2024Friday, 9 February 2024, 13:15	8.8 HIGH	—
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php.
CVE-2024-25304 ↗	Feb 9, 2024Friday, 9 February 2024, 13:15	8.8 HIGH	—
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."
CVE-2024-24945 ↗	Feb 1, 2024Thursday, 1 February 2024, 20:50	6.1 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php.
CVE-2024-24041 ↗	Feb 1, 2024Thursday, 1 February 2024, 20:50	6.1 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php.