DiliLearngent

6 exploits Active since Jul 2023
CVE-2023-31932 WRITEUP HIGH WRITEUP
Rail Pass Management System <1.0 - Code Injection
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file.
CVSS 7.2
CVE-2023-31933 WRITEUP HIGH WRITEUP
Rail Pass Management System <1.0 - Code Injection
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file.
CVSS 7.2
CVE-2023-31934 WRITEUP MEDIUM WRITEUP
Rail Pass Management System <1.0 - XSS
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php.
CVSS 4.8
CVE-2023-31935 WRITEUP MEDIUM WRITEUP
Rail Pass Management System <1.0 - XSS
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php.
CVSS 4.8
CVE-2023-31936 WRITEUP HIGH WRITEUP
Rail Pass Management System <1.0 - Code Injection
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-pass-detail.php file.
CVSS 7.2
CVE-2023-31937 WRITEUP HIGH WRITEUP
Rail Pass Management System <1.0 - Code Injection
Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file.
CVSS 7.2