Shodan
Vulnerabilities
Vulnerable Software
Kashipara:  Security Vulnerabilities
CVE-2023-49681
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-12-21
CVE-2023-49677
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-21
CVE-2023-49270
Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_in_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-12-20
CVE-2023-49271
Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_out_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-12-20
CVE-2023-5010
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursecode' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-12-20
CVE-2023-5011
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursename' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-12-20
CVE-2023-5007
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-12-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved