Show filters
33 Total Results
Displaying 11-20 of 33
Sort by:
Attacker Value
Unknown
CVE-2024-3439
Disclosure Date: April 08, 2024 (last updated February 11, 2025)
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Account/login.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259692.
0
Attacker Value
Unknown
CVE-2024-3438
Disclosure Date: April 08, 2024 (last updated February 11, 2025)
A vulnerability was found in SourceCodester Prison Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /Admin/login.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259691.
0
Attacker Value
Unknown
CVE-2024-3437
Disclosure Date: April 08, 2024 (last updated February 11, 2025)
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /Admin/add-admin.php of the component Avatar Handler. The manipulation of the argument avatar leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259631.
0
Attacker Value
Unknown
CVE-2024-3436
Disclosure Date: April 08, 2024 (last updated February 11, 2025)
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Admin/edit-photo.php of the component Avatar Handler. The manipulation of the argument avatar leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259630 is the identifier assigned to this vulnerability.
0
Attacker Value
Unknown
CVE-2022-32405
Disclosure Date: June 24, 2022 (last updated February 24, 2025)
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/view_prison.php:4
0
Attacker Value
Unknown
CVE-2022-32404
Disclosure Date: June 24, 2022 (last updated February 24, 2025)
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manage_inmate.php:3
0
Attacker Value
Unknown
CVE-2022-32403
Disclosure Date: June 24, 2022 (last updated February 24, 2025)
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manage_record.php:4
0
Attacker Value
Unknown
CVE-2022-32402
Disclosure Date: June 24, 2022 (last updated February 24, 2025)
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/manage_prison.php:4
0
Attacker Value
Unknown
CVE-2022-32401
Disclosure Date: June 24, 2022 (last updated February 24, 2025)
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manage_privilege.php:4
0
Attacker Value
Unknown
CVE-2022-32400
Disclosure Date: June 24, 2022 (last updated February 24, 2025)
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/user/manage_user.php:4.
0
