|
195281
|
9.8 |
CRITICAL
Network
|
responsive_ordering_system_project
|
responsive_ordering_system
|
Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-25206
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195282
|
5.4 |
MEDIUM
Network
|
e-commerce_website_project
|
e-commerce_website
|
Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php.
|
CWE-79
Cross-site Scripting
|
CVE-2021-25204
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195283
|
9.8 |
CRITICAL
Network
|
victor_cms_project
|
victor_cms
|
Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\admin_add_post.php.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-25203
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195284
|
7.5 |
HIGH
Network
|
learning_management_system_project
|
learning_management_system
|
SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information.
|
CWE-89
SQL Injection
|
CVE-2021-25201
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195285
|
9.8 |
CRITICAL
Network
|
e-commerce_website_project
|
e-commerce_website
|
Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-25207
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195286
|
9.8 |
CRITICAL
Network
|
travel_management_system_project
|
travel_management_system
|
SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php.
|
CWE-89
SQL Injection
|
CVE-2021-25213
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195287
|
9.8 |
CRITICAL
Network
|
online_ordering_system_project
|
online_ordering_system
|
Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-25211
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195288
|
9.8 |
CRITICAL
Network
|
theme_park_ticketing_system_project
|
theme_park_ticketing_system
|
SQL injection vulnerability in SourceCodester Theme Park Ticketing System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_user.php .
|
CWE-89
SQL Injection
|
CVE-2021-25209
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195289
|
9.8 |
CRITICAL
Network
|
e-commerce_website_project
|
e-commerce_website
|
SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .
|
CWE-89
SQL Injection
|
CVE-2021-25205
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195290
|
9.8 |
CRITICAL
Network
|
alumni_management_system_project
|
alumni_management_system
|
SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manage_event.php.
|
CWE-89
SQL Injection
|
CVE-2021-25212
|
2024-11-21 14:54 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
