Filtered by vendor Janobe
Subscriptions
Total
113 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2025-10593 | 2 Janobe, Sourcecodester | 2 Online Student File Management System, Online Student File Management System | 2025-09-18 | 6.3 Medium |
A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/update_student.php. Performing manipulation of the argument stud_id results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. | ||||
CVE-2025-10594 | 2 Janobe, Sourcecodester | 2 Online Student File Management System, Online Student File Management System | 2025-09-18 | 6.3 Medium |
A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_student.php. Executing manipulation of the argument stud_id can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. | ||||
CVE-2025-10479 | 2 Janobe, Sourcecodester | 2 Online Student File Management System, Online Student File Management System | 2025-09-17 | 7.3 High |
A security flaw has been discovered in SourceCodester Online Student File Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. | ||||
CVE-2025-9700 | 2 Janobe, Sourcecodester | 2 Online Book Store, Online Book Store | 2025-09-08 | 7.3 High |
A flaw has been found in SourceCodester Online Book Store 1.0. This issue affects some unknown processing of the file /publisher_list.php. This manipulation of the argument pubid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. | ||||
CVE-2025-9704 | 2 Janobe, Sourcecodester | 2 Water Billing System, Water Billing System | 2025-09-08 | 7.3 High |
A security flaw has been discovered in SourceCodester Water Billing System 1.0. This impacts an unknown function of the file /viewbill.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited. | ||||
CVE-2025-9705 | 2 Janobe, Sourcecodester | 2 Water Billing System, Water Billing System | 2025-09-08 | 7.3 High |
A weakness has been identified in SourceCodester Water Billing System 1.0. Affected is an unknown function of the file /paybill.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. | ||||
CVE-2025-9706 | 2 Janobe, Sourcecodester | 2 Water Billing System, Water Billing System | 2025-09-08 | 7.3 High |
A security vulnerability has been detected in SourceCodester Water Billing System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | ||||
CVE-2025-9660 | 1 Janobe | 1 Bakeshop Online Ordering System | 2025-09-08 | 7.3 High |
A vulnerability was found in SourceCodester Bakeshop Online Ordering System 1.0. The impacted element is an unknown function of the file /passwordrecover.php. Performing manipulation of the argument phonenumber results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | ||||
CVE-2024-0182 | 1 Janobe | 1 Engineers Online Portal | 2025-06-03 | 7.3 High |
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ of the component Admin Login. The manipulation of the argument username/password leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-249440. | ||||
CVE-2025-2377 | 1 Janobe | 1 Vehicle Management System | 2025-05-15 | 3.5 Low |
A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /confirmbooking.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting product names. | ||||
CVE-2024-3353 | 2 Janobe, Sourcecodester | 2 Aplaya Beach Resort Online Reservation System, Aplaya Beach Resort Online Reservation System | 2025-05-15 | 7.3 High |
A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/mod_reports/index.php. The manipulation of the argument categ/end leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259457 was assigned to this vulnerability. | ||||
CVE-2024-48245 | 1 Janobe | 1 Vehicle Management System | 2025-05-14 | 7.2 High |
Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking. The affected parameters include "Booking ID", "Action Name", and "Payment Confirmation ID", which are present in /newvehicle.php and /newdriver.php. | ||||
CVE-2023-7160 | 1 Janobe | 1 Engineers Online Portal | 2025-04-17 | 2.4 Low |
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add Engineer Handler. The manipulation of the argument first name/last name with the input <script>alert(0)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249182 is the identifier assigned to this vulnerability. | ||||
CVE-2025-1590 | 1 Janobe | 1 E-learning System | 2025-02-28 | 4.7 Medium |
A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. | ||||
CVE-2024-3358 | 2 Janobe, Sourcecodester | 2 Aplaya Beach Resort Online Reservation System, Aplaya Beach Resort Online Reservation System | 2025-02-26 | 3.5 Low |
A vulnerability classified as problematic was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument to leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259462 is the identifier assigned to this vulnerability. | ||||
CVE-2025-1192 | 1 Janobe | 1 Multi Restaurant Table Reservation System | 2025-02-18 | 6.3 Medium |
A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file select-menu.php. The manipulation of the argument table leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
CVE-2025-1191 | 1 Janobe | 1 Multi Restaurant Table Reservation System | 2025-02-18 | 6.3 Medium |
A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/approve-reject.php. The manipulation of the argument breject_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
CVE-2024-3363 | 1 Janobe | 1 Online Library System | 2025-02-18 | 7.3 High |
A vulnerability was found in SourceCodester Online Library System 1.0. It has been classified as critical. This affects an unknown part of the file admin/borrowed/index.php. The manipulation of the argument BookPublisher/BookTitle leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259467. | ||||
CVE-2024-3354 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 7.3 High |
A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file admin/mod_users/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-259458 is the identifier assigned to this vulnerability. | ||||
CVE-2024-3355 | 1 Janobe | 1 Aplaya Beach Resort Online Reservation System | 2025-02-11 | 7.3 High |
A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/mod_users/controller.php?action=add. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259459. |