Shodan
Vulnerabilities
Vulnerable Software
Oretnom23:  Security Vulnerabilities
CVE-2022-28025
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=school_year.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-21
CVE-2022-28026
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=student_p&id=.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-21
CVE-2022-27304
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via the user parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-05
CVE-2022-26644
Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user profile, system_info and accounts management.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-03-30
CVE-2022-26645
A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function.
CVSS Score
9.8
EPSS Score
0.032
Published
2022-03-30
CVE-2022-26646
Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-03-30
CVE-2022-26283
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the view_plan endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.
CVSS Score
9.8
EPSS Score
0.016
Published
2022-03-21
CVE-2021-45435
An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field in login.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-28
CVE-2021-41659
SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-24
CVE-2021-40596
SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, allows attackers to execute arbitrary SQL commands via the faculty_id parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved