Oretnom23: Security Vulnerabilities
A vulnerability, which was classified as problematic, was found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the component Cashiers Tab. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-211188.
CVSS Score
2.4
EPSS Score
0.002
Published
2022-10-18
A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument change password leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-211189 was assigned to this vulnerability.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-10-18
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability.
CVSS Score
2.4
EPSS Score
0.009
Published
2022-10-17
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Add New Storage Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-211048.
CVSS Score
2.4
EPSS Score
0.006
Published
2022-10-17
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /csms/admin/?page=user/manage_user of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-211049 was assigned to this vulnerability.
CVSS Score
4.7
EPSS Score
0.003
Published
2022-10-17
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-10-14
Online Birth Certificate Management System version 1.0 suffers from an Insecure Direct Object Reference (IDOR) vulnerability
CVSS Score
4.3
EPSS Score
0.001
Published
2022-10-14
Online Birth Certificate Management System version 1.0 suffers from a persistent Cross Site Scripting (XSS) vulnerability.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-10-14
Online Birth Certificate Management System version 1.0 is vulnerable to Cross Site Request Forgery (CSRF).
CVSS Score
8.8
EPSS Score
0.001
Published
2022-10-14
Online Birth Certificate Management System version 1.0 suffers from a Cross Site Scripting (XSS) Vulnerability.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-10-14