6.9
CVE-2024-12944 - CodeAstro House Rental Management System signin.php sql injection
A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /signin.php. The manipulation of the argument u/p leads to sql injection. The attack may be launched remotely. The exploit has bβ¦
6.9
CVE-2024-12943 - CodeAstro House Rental Management System ownersignup.php sql injection
A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ownersignup.php. The manipulation of the argument f/e/p/m/o/n/c/s/ci/a leads to sql injection. The attack can be launcβ¦
6.9
CVE-2024-12942 - 1000 Projects Portfolio Management System MCA admin_login.php sql injection
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/admin_login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remoβ¦
5.3
CVE-2024-12941 - CodeAstro Blood Donor Management System deletedannounce.php sql injection
A vulnerability was found in CodeAstro Blood Donor Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/deletedannounce.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has bβ¦
6.9
CVE-2024-12940 - 1000 Projects Attendance Tracking Management System student_action.php sql injection
A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/student_action.php. The manipulation of the argument student_id leads to sql injection. The attack can be initiated remoteβ¦
5.3
CVE-2024-12939 - code-projects Job Recruitment _all_edits.php add_edu sql injection
A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as critical. This issue affects the function add_edu of the file /_parse/_all_edits.php. The manipulation of the argument degree leads to sql injection. The attack may be initiated remotely. The exploit has been disclβ¦
5.3
CVE-2024-12938 - code-projects Simple Admin Panel updateOrderStatus.php sql injection
A vulnerability has been found in code-projects Simple Admin Panel 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file updateOrderStatus.php. The manipulation of the argument record leads to sql injection. The attack can be launched remotely. The eβ¦
4.7
CVE-2024-11223 - WPForms < 1.9.2.3 - Admin+ Stored XSS
The WPForms WordPress plugin before 1.9.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
4.7
CVE-2024-10903 - Broken Link Checker < 2.4.2 - Admin+ SSRF
The Broken Link Checker WordPress plugin before 2.4.2 does not validate a the link URLs before making a request to them, which could allow admin users to perform SSRF attack, for example on a multisite installation.
5.3
CVE-2024-12937 - code-projects Simple Admin Panel addVariationController.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Simple Admin Panel 1.0. Affected is an unknown function of the file addVariationController.php. The manipulation of the argument qty leads to sql injection. It is possible to launch the attack remotely. The exploit has beβ¦