Category: Vulnerabilities

A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file removeUser.php. The manipulation of the argument id...

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function update_cart of the file /oews/classes/Master.php?f=update_cart of the component HTTP POST Request Handler. The manipulation...

A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads...

Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Onl…; https://www.sourcecodester.com/php/16022/onli…;

Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Onl…; https://www.sourcecodester.com/php/16022/onli…;

Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in navbar.php. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Onl…; https://www.sourcecodester.com/php/16022/onli…;

Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in index.php. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Onl…; https://www.sourcecodester.com/php/16022/onli…;

Online Food Ordering System v2 was discovered to contain a SQL injection vulnerability via the id parameter at view_order.php. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Onl…; https://www.sourcecodester.com/php/16022/onli…;

Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_winner.php via the ticket_id and draw parameters. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Raf…; https://www.sourcecodester.com/php/15951/raff…;

Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at delete_ticket.php. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Raf…; https://www.sourcecodester.com/php/15951/raff…;

Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at save_ticket.php. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Raf…; https://www.sourcecodester.com/php/15951/raff…;

Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at get_ticket.php. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Raf…; https://www.sourcecodester.com/php/15951/raff…;

Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php. Date published : 2023-02-06 https://github.com/xiumulty/CVE/blob/main/Raf…; https://www.sourcecodester.com/php/15951/raff…;

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules. Date published : 2023-02-06 https://github.com/Am1ngl/ttt/tree/main/18