Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-30017: Rescue Dispatch Management System in PHP/OOP Free Source Code

Rescue Dispatch Management System 1.0 suffers from Stored XSS, leading to admin account takeover via cookie stealing.

CVE
#sql#xss#web#apache#java#php

Submitted by oretnom23 on Tuesday, April 26, 2022 - 16:07.

****Introduction****

This simple project is a Rescue Dispatch Management System. This is a web-based application project developed in PHP and MySQL Database. This project provides an automated platform for managing the availability of the rescue responders team and recording the incident report efficiently and effectively. This was developed with a pleasant user interface using Bootstrap Framework and AdminLTE Template. It also consists of user-friendly features and functionalities.

****About the Rescue Dispatch Management System****

I developed this project using the following:

  • XAMPP v3.3.0
  • PHP
  • MySQL Database
  • HTML
  • CSS
  • JavaScript
  • Ajax
  • jQuery
  • Bootstrap
  • Font Awesome
  • AdminLTE

This Rescue Dispatch Management System can be only accessed by the dispatchers or the rescue management. The system stores the list of types of incidents, types of responders team, and incidents reported. The system users are incharge of assigning responders to the location of the reported incident. The dispatcher can only assign the available team. This system also generates printable reports of Daily Incident Report and Daily Incident Report per Type. The application is easy to manage and consists of a front-end feature for managing the system information such as the system name, logo, etc. The system can be accessed by 2 types of user roles which are the Administrator and Staff. The administrator has the privilege to access and manage all the features and functionalities of the system while the staff have only limited permission.

****Features****

  • Home Page
    • Display the summary and images.
  • Incident Type Management
    • Add New Incident Type
    • List All Incident Types
    • View Incident Type Details
    • Delete Incident Type
  • Respondent Type Management
    • Add New Respondent Type
    • List All Respondent Types
    • View Respondent Type Details
    • Update Respondent Type Details
    • Delete Respondent Type
  • Team Management
    • Add New Team
    • List All Teams
    • View Team Details
    • Update Team Details
    • Delete Team
  • Incident Management
    • Add New Incident
    • List All Incidents
    • View Incident Details
    • Update Incident Details
    • Delete Incident
  • Report
    • Generate Printable Daily Incident Report
    • Generate Printable Daily Incident Report per Type
  • User Management
    • Add New User
    • List All Users
    • View User Details
    • Edit User Details
    • Delete User Details
  • Update System Information
  • Update Account Details/Credentials
  • Login and Logout

The source code was developed only for educational purposes only. You can download the source code for free and modify it the way you wanted.

**System Snapshots of some Features******Login Page****

****Dashboard Page****

****Incident Report Form****

****Incident Report Details****

****Daily Incident Report Print View****

****Daily Incident Report per Type - Print View****

How to Run ??

****Requirements****

  • Download and Install any local web server such as XAMPP.
  • Download the provided source code zip file. (download button is located below)
  • Download the project plugins at https://www.dropbox.com/s/0makc07ent9ta4m/rdms_plugins.zip?dl=1

****System Installation/Setup****

  1. Enable the GD Library in your php.ini file.
  2. Open your XAMPP Control Panel and start ****Apache**** and ****MySQL****.
  3. Extract the downloaded source code zip file.
  4. Copy the extracted source code folder and paste it into the XAMPP’s “htdocs” directory.
  5. Extract the downloaded plugins zip file.
  6. Copy the extracted plugins folder and paste it into the source code root path.
  7. Browse the ****PHPMyAdmin**** in a browser. i.e. ****http://localhost/phpmyadmin****
  8. Create a new database naming ****rdms_db****.
  9. Import the provided ****SQL**** file. The file is known as ****rdms_db.sql**** located inside the database folder.
  10. Browse the Rescue Dispatch Management System in a browser. i.e. ****http://localhost/rdms/****.

****Admin Default Access:****

Username: admin
Password: admin123

****DEMO VIDEO****

That’s it. You can now explore the features and functionalities of this Rescue Dispatch Management System in PHP. I hope this will help you with what you are looking for and you’ll find something useful for your future projects.

Explore more on this website for more Free Source Codes and Tutorials.

Enjoy :)

  • 878 views

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907