Shodan
Vulnerabilities
Vulnerable Software
Oretnom23:  Security Vulnerabilities
CVE-2024-34220
Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-05-14
CVE-2024-33302
SourceCodester Product Show Room 1.0 and before is vulnerable to Cross Site Scripting (XSS) via "Middle Name" under Add Users.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-05-02
CVE-2024-33303
SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" under Add Users.
CVSS Score
8.2
EPSS Score
0.002
Published
2024-05-02
CVE-2024-33304
SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" under Add Users.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-05-01
CVE-2023-23021
Cross Site Scripting (XSS) vulnerability in sourcecodester oretnom23 pos point sale system 1.0, allows attackers to execute arbitrary code via the code, name, and description inputs in file Main.php.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-05-01
CVE-2023-23022
Cross site scripting (XSS) vulnerability in sourcecodester oretnom23 employee's payroll management system 1.0, allows attackers to execute arbitrary code via the code, title, from_date and to_date inputs in file Main.php.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-05-01
CVE-2023-23019
Cross site scripting (XSS) vulnerability in file main.php in sourcecodester oretnom23 Blog Site 1.0 via the name and email parameters to function user_add.\
CVSS Score
5.4
EPSS Score
0.002
Published
2024-05-01
CVE-2024-33247
Sourcecodester Employee Task Management System v1.0 is vulnerable to SQL Injection via admin-manage-user.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-04-25
CVE-2024-4093
A vulnerability, which was classified as critical, was found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file view_application.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-261822 is the identifier assigned to this vulnerability.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-04-24
CVE-2024-31545
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6.
CVSS Score
9.4
EPSS Score
0.001
Published
2024-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved