Filtered by vendor Oretnom23
Subscribe
Total
564 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31545 | 1 Oretnom23 | 1 Computer Laboratory Management System | 2025-04-14 | N/A | 9.4 CRITICAL |
| Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6. | |||||
| CVE-2024-31547 | 1 Oretnom23 | 1 Computer Laboratory Management System | 2025-04-14 | N/A | 9.1 CRITICAL |
| Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php. | |||||
| CVE-2024-31546 | 1 Oretnom23 | 1 Computer Laboratory Management System | 2025-04-14 | N/A | 9.8 CRITICAL |
| Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php. | |||||
| CVE-2023-49540 | 1 Oretnom23 | 1 Book Store Management System | 2025-04-14 | N/A | 6.1 MEDIUM |
| Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter. | |||||
| CVE-2023-49539 | 1 Oretnom23 | 1 Book Store Management System | 2025-04-14 | N/A | 6.1 MEDIUM |
| Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/category. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the category parameter. | |||||
| CVE-2024-35581 | 1 Oretnom23 | 1 Computer Laboratory Management System | 2025-04-11 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field. | |||||
| CVE-2024-35582 | 1 Oretnom23 | 1 Computer Laboratory Management System | 2025-04-11 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field. | |||||
| CVE-2024-35583 | 1 Oretnom23 | 1 Computer Laboratory Management System | 2025-04-11 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field. | |||||
| CVE-2024-35468 | 1 Oretnom23 | 1 Human Resource Management System | 2025-04-11 | N/A | 5.4 MEDIUM |
| A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2024-35469 | 1 Oretnom23 | 1 Human Resource Management System | 2025-04-11 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2024-31586 | 1 Oretnom23 | 1 Computer Laboratory Management System | 2025-04-11 | N/A | 6.1 MEDIUM |
| A Cross Site Scripting (XSS) vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters. | |||||
| CVE-2024-31544 | 1 Oretnom23 | 1 Computer Laboratory Management System | 2025-04-11 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrower_name”, “faculty_department” parameters in /classes/Master.php?f=save_record. | |||||
| CVE-2025-3118 | 1 Oretnom23 | 1 Online Tutor Portal | 2025-04-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Online Tutor Portal 1.0. It has been classified as critical. This affects an unknown part of the file /tutor/courses/view_course.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-31649 | 1 Oretnom23 | 1 Cosmetics And Beauty Product Online Store | 2025-04-10 | N/A | 5.4 MEDIUM |
| A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter. | |||||
| CVE-2024-31650 | 1 Oretnom23 | 1 Cosmetics And Beauty Product Online Store | 2025-04-10 | N/A | 9.6 CRITICAL |
| A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter. | |||||
| CVE-2024-31652 | 1 Oretnom23 | 1 Cosmetics And Beauty Product Online Store | 2025-04-10 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search parameter. | |||||
| CVE-2025-3119 | 1 Oretnom23 | 1 Online Tutor Portal | 2025-04-09 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Online Tutor Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /tutor/courses/manage_course.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3140 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2025-04-09 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /view_category.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3141 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2025-04-09 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_category.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3296 | 1 Oretnom23 | 1 Online Eyewear Shop | 2025-04-08 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=delete_customer. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||