Oretnom23: Security Vulnerabilities
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via the user parameter.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-04-05
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the view_plan endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.
CVSS Score
9.8
EPSS Score
0.016
Published
2022-03-21
An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field in login.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-28
SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, allows attackers to execute arbitrary SQL commands via the faculty_id parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-24
SQL injection vulnerability in Sourcecodester Budget and Expense Tracker System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username field.
CVSS Score
9.8
EPSS Score
0.078
Published
2022-01-21
An SQL Injection vulnerability exists in Sourcecodester Employee and Visitor Gate Pass Logging System 1.0 via the username parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-21
An SQL Injection vulnerability exists in Sourcecodester Simple Music Clour Community System 1.0 via the email parameter in /music/ajax.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-21
The password parameter on Simple Online Mens Salon Management System (MSMS) 1.0 appears to be vulnerable to SQL injection attacks through the password parameter. The predictive tests of this application interacted with that domain, indicating that the injected SQL query was executed. The attacker can retrieve all authentication and information about the users of this system.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-12-23
Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example on three applications which are manage_topic.php, manage_user.php, and ajax.php. The attacker can be retrieving all information from the database of this system by using this vulnerability.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-12-21
Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. The Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form allowing attacker to gain access as admin to the application.
CVSS Score
9.8
EPSS Score
0.002
Published
2021-12-15