Security
Headlines
HeadlinesLatestCVEs

Tag

#php

CVE-2023-2038

A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin_class.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225916.

CVE
Open in Source
#sql#vulnerability#web#php
CVE-2023-2037

A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been classified as critical. This affects an unknown part of the file watch.php. The manipulation of the argument code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225915.

CVE-2023-2035: cve_hub/Video Sharing Website vuln 3.pdf at main · E1CHO/cve_hub

A vulnerability has been found in Campcodes Video Sharing Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file signup.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225913 was assigned to this vulnerability.

CVE-2023-2036

A vulnerability was found in Campcodes Video Sharing Website 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file upload.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-225914 is the identifier assigned to this vulnerability.

CVE-2023-29627: File uploads | Web Security Academy

Online Pizza Ordering v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.

CVE-2023-29621: File Inclusion Vulnerabilities: What are they and how do they work?

Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.

CVE-2023-29625: CVE-nu11secur1ty/vendors/oretnom23/2023/Employee-Performance-Evaluation-1.0 at main · nu11secur1ty/CVE-nu11secur1ty

Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.

CVE-2023-29623: CVE-nu11secur1ty/vendors/oretnom23/2023/Purchase-Order-Management-1.0/XSS-Reflected at main · nu11secur1ty/CVE-nu11secur1ty

Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php.

CVE-2023-29622: CVE-nu11secur1ty/vendors/oretnom23/2023/Purchase-Order-Management-1.0/SQLi at main · nu11secur1ty/CVE-nu11secur1ty

Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php.

CVE-2023-29626: CVE-nu11secur1ty/vendors/oretnom23/2023/Yoga-Class-Registration -1.0-2023 - Multiple-SQLi at main · nu11secur1ty/CVE-nu11secur1ty

Yoga Class Registration System 1.0 was discovered to contain a SQL injection vulnerability via the cid parameter at /admin/login.php.