Oretnom23: Security Vulnerabilities
SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-24
SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, allows attackers to execute arbitrary SQL commands via the faculty_id parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-24
SQL injection vulnerability in Sourcecodester Budget and Expense Tracker System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username field.
CVSS Score
9.8
EPSS Score
0.078
Published
2022-01-21
An SQL Injection vulnerability exists in Sourcecodester Employee and Visitor Gate Pass Logging System 1.0 via the username parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-21
An SQL Injection vulnerability exists in Sourcecodester Simple Music Clour Community System 1.0 via the email parameter in /music/ajax.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-21
The password parameter on Simple Online Mens Salon Management System (MSMS) 1.0 appears to be vulnerable to SQL injection attacks through the password parameter. The predictive tests of this application interacted with that domain, indicating that the injected SQL query was executed. The attacker can retrieve all authentication and information about the users of this system.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-12-23
Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example on three applications which are manage_topic.php, manage_user.php, and ajax.php. The attacker can be retrieving all information from the database of this system by using this vulnerability.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-12-21
Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. The Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form allowing attacker to gain access as admin to the application.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-12-15
Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution.
CVSS Score
9.8
EPSS Score
0.019
Published
2021-11-15
SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login.
CVSS Score
9.8
EPSS Score
0.007
Published
2021-11-03