Filtered by vendor Oretnom23
Subscribe
Total
604 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-2094 | 1 Oretnom23 | 1 Vehicle Service Management System | 2025-09-30 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/mechanics/manage_mechanic.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-226102 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-7221 | 1 Oretnom23 | 1 School Log Management System | 2025-09-29 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. This affects an unknown part of the file /admin/manage_user.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2024-7220 | 1 Oretnom23 | 1 School Log Management System | 2025-09-29 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/print_barcode.php. The manipulation of the argument tbl results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. | |||||
| CVE-2024-7219 | 1 Oretnom23 | 1 School Log Management System | 2025-09-29 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-7218 | 1 Oretnom23 | 1 School Log Management System | 2025-09-29 | 4.0 MEDIUM | 3.5 LOW |
| A flaw has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected is an unknown function of the file /admin/ajax.php?action=save_student. Executing manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used. | |||||
| CVE-2024-6807 | 1 Oretnom23 | 1 Student Study Center Desk Management System | 2025-09-27 | 3.3 LOW | 2.4 LOW |
| A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /sscdms/classes/Users.php?f=save of the component HTTP POST Request Handler. The manipulation of the argument firstname/middlename/lastname/username leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-10790 | 1 Oretnom23 | 1 Simple Forum\/discussion System | 2025-09-25 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security flaw has been discovered in SourceCodester Simple Forum Discussion System 1.0. This affects an unknown function of the file /ajax.php?action=save_category. The manipulation of the argument Description results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-10421 | 1 Oretnom23 | 1 Student Grading System | 2025-09-19 | 6.5 MEDIUM | 6.3 MEDIUM |
| A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /update_account.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used. | |||||
| CVE-2025-10420 | 1 Oretnom23 | 1 Student Grading System | 2025-09-19 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was detected in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /form137.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. | |||||
| CVE-2025-10419 | 1 Oretnom23 | 1 Student Grading System | 2025-09-19 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security vulnerability has been detected in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /del_promote.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-10418 | 1 Oretnom23 | 1 Student Grading System | 2025-09-19 | 6.5 MEDIUM | 6.3 MEDIUM |
| A weakness has been identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_students.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2022-28026 | 1 Oretnom23 | 1 Student Grading System | 2025-09-19 | 7.5 HIGH | 9.8 CRITICAL |
| Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=student_p&id=. | |||||
| CVE-2022-27304 | 1 Oretnom23 | 1 Student Grading System | 2025-09-19 | 7.5 HIGH | 9.8 CRITICAL |
| Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via the user parameter. | |||||
| CVE-2022-28025 | 1 Oretnom23 | 1 Student Grading System | 2025-09-19 | 7.5 HIGH | 9.8 CRITICAL |
| Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=school_year. | |||||
| CVE-2022-28024 | 1 Oretnom23 | 1 Student Grading System | 2025-09-19 | 7.5 HIGH | 9.8 CRITICAL |
| Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=grade. | |||||
| CVE-2025-10409 | 1 Oretnom23 | 1 Student Grading System | 2025-09-19 | 6.5 MEDIUM | 6.3 MEDIUM |
| A weakness has been identified in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /rms.php?page=users. Executing manipulation of the argument fname can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-10407 | 1 Oretnom23 | 1 Student Grading System | 2025-09-18 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_user.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-10408 | 1 Oretnom23 | 1 Student Grading System | 2025-09-18 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security flaw has been discovered in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /edit_user.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-10400 | 1 Oretnom23 | 1 Food Ordering Management System | 2025-09-18 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security vulnerability has been detected in SourceCodester Food Ordering Management System 1.0. Impacted is an unknown function of the file /routers/ticket-message.php. Such manipulation of the argument ticket_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-10100 | 1 Oretnom23 | 1 Simple Forum\/discussion System | 2025-09-12 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was detected in SourceCodester Simple Forum Discussion System 1.0. This impacts an unknown function of the file /admin_class.php?action=login. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. | |||||