Daily Tracker System Project: Security Vulnerabilities
A Cross-site scripting (XSS) vulnerability in 'user-profile.php' in SourceCodester Daily Tracker System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'fullname' parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-09-09
A SQL injection vulnerability in login in Sourcecodetester Daily Tracker System 1.0 allows unauthenticated user to execute authentication bypass with SQL injection via the email parameter.
CVSS Score
9.8
EPSS Score
0.022
Published
2020-09-03