Shodan
Vulnerabilities
Vulnerable Software
Oretnom23:  >> Computer Laboratory Management System  Security Vulnerabilities
CVE-2024-35582
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-05-28
CVE-2024-35583
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-05-28
CVE-2024-35581
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-05-28
CVE-2024-34224
Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters.
CVSS Score
7.3
EPSS Score
0.008
Published
2024-05-14
CVE-2024-34225
Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the name, shortname parameters.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-05-14
CVE-2024-31545
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6.
CVSS Score
9.4
EPSS Score
0.001
Published
2024-04-22
CVE-2024-31546
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-04-19
CVE-2024-31547
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php.
CVSS Score
9.1
EPSS Score
0.001
Published
2024-04-19
CVE-2024-3695
A vulnerability has been found in SourceCodester Computer Laboratory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-260482 is the identifier assigned to this vulnerability.
CVSS Score
3.5
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31544
A stored cross-site scripting (XSS) vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrower_name”, “faculty_department” parameters in /classes/Master.php?f=save_record.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-04-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved