Filtered by vendor Janobe
Subscribe
Total
89 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9700 | 1 Janobe | 1 Online Book Store | 2025-09-08 | 7.5 HIGH | 7.3 HIGH |
| A flaw has been found in SourceCodester Online Book Store 1.0. This issue affects some unknown processing of the file /publisher_list.php. This manipulation of the argument pubid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2025-9704 | 1 Janobe | 1 Water Billing System | 2025-09-08 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in SourceCodester Water Billing System 1.0. This impacts an unknown function of the file /viewbill.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-9705 | 1 Janobe | 1 Water Billing System | 2025-09-08 | 7.5 HIGH | 7.3 HIGH |
| A weakness has been identified in SourceCodester Water Billing System 1.0. Affected is an unknown function of the file /paybill.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-9706 | 1 Janobe | 1 Water Billing System | 2025-09-08 | 7.5 HIGH | 7.3 HIGH |
| A security vulnerability has been detected in SourceCodester Water Billing System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-9660 | 1 Janobe | 1 Bakeshop Online Ordering System | 2025-09-08 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in SourceCodester Bakeshop Online Ordering System 1.0. The impacted element is an unknown function of the file /passwordrecover.php. Performing manipulation of the argument phonenumber results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-2377 | 1 Janobe | 1 Vehicle Management System | 2025-05-14 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /confirmbooking.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting product names. | |||||
| CVE-2024-3353 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-05-14 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/mod_reports/index.php. The manipulation of the argument categ/end leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259457 was assigned to this vulnerability. | |||||
| CVE-2024-48245 | 1 Janobe | 1 Vehicle Management System | 2025-05-14 | N/A | 7.2 HIGH |
| Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking. The affected parameters include "Booking ID", "Action Name", and "Payment Confirmation ID", which are present in /newvehicle.php and /newdriver.php. | |||||
| CVE-2025-1192 | 1 Janobe | 1 Multi Restaurant Table Reservation System | 2025-02-18 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file select-menu.php. The manipulation of the argument table leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1191 | 1 Janobe | 1 Multi Restaurant Table Reservation System | 2025-02-18 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/approve-reject.php. The manipulation of the argument breject_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-3363 | 1 Janobe | 1 Online Library System | 2025-02-18 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in SourceCodester Online Library System 1.0. It has been classified as critical. This affects an unknown part of the file admin/borrowed/index.php. The manipulation of the argument BookPublisher/BookTitle leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259467. | |||||
| CVE-2024-3354 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file admin/mod_users/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-259458 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-3355 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/mod_users/controller.php?action=add. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259459. | |||||
| CVE-2024-3356 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/mod_settings/controller.php?action=add. The manipulation of the argument type leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259460. | |||||
| CVE-2024-3357 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability classified as problematic has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. This affects an unknown part of the file admin/mod_reports/index.php. The manipulation of the argument end leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259461 was assigned to this vulnerability. | |||||
| CVE-2024-3358 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability classified as problematic was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument to leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259462 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-3352 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/mod_comments/index.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259456. | |||||
| CVE-2024-3351 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. This affects an unknown part of the file admin/mod_roomtype/index.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259455. | |||||
| CVE-2024-3350 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected by this issue is some unknown functionality of the file admin/mod_room/index.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259454 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-3349 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/login.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259453 was assigned to this vulnerability. | |||||