Filtered by vendor Kashipara
Subscriptions
Total
132 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-49688 | 1 Kashipara | 1 Job Portal | 2024-11-21 | 9.8 Critical |
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49681 | 1 Kashipara | 1 Job Portal | 2024-11-21 | 9.8 Critical |
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49677 | 1 Kashipara | 1 Job Portal | 2024-11-21 | 9.8 Critical |
Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49666 | 1 Kashipara | 1 Billing System | 2024-11-21 | 9.8 Critical |
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'custmer_details' parameter of the submit_material_list.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49665 | 1 Kashipara | 1 Billing Software | 2024-11-21 | 9.8 Critical |
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'quantity[]' parameter of the submit_delivery_list.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49658 | 1 Kashipara | 1 Billing Software | 2024-11-21 | 9.8 Critical |
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bank_details' parameter of the party_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49639 | 1 Kashipara | 1 Billing Software | 2024-11-21 | 9.8 Critical |
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customer_details' parameter of the buyer_invoice_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49633 | 1 Kashipara | 1 Billing Software | 2024-11-21 | 9.8 Critical |
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'buyer_address' parameter of the buyer_detail_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49625 | 1 Kashipara | 1 Billing Software | 2024-11-21 | 9.8 Critical |
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the partylist_edit_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49624 | 1 Kashipara | 1 Billing Software | 2024-11-21 | 9.8 Critical |
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the material_bill.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49622 | 1 Kashipara | 1 Billing Software | 2024-11-21 | 9.8 Critical |
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'itemnameid' parameter of the material_bill.php?action=itemRelation resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-49272 | 1 Kashipara | 1 Hotel Management | 2024-11-21 | 5.4 Medium |
Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'children' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | ||||
CVE-2023-49271 | 1 Kashipara | 1 Hotel Management | 2024-11-21 | 5.4 Medium |
Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_out_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | ||||
CVE-2023-49270 | 1 Kashipara | 1 Hotel Management | 2024-11-21 | 5.4 Medium |
Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_in_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | ||||
CVE-2024-50826 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters. | ||||
CVE-2024-50825 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year parameter. | ||||
CVE-2024-50824 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. | ||||
CVE-2024-50823 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. | ||||
CVE-2024-50835 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters. | ||||
CVE-2024-50834 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters. |