Glunko

4 exploits Active since Dec 2023
CVE-2023-6898 WRITEUP MEDIUM WRITEUP
Mayurik Best Courier Management System - SQL Injection
A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248256.
CVSS 5.5
CVE-2023-7075 WRITEUP LOW WRITEUP
Code-projects Point OF Sales And Inventory Management System - XSS
A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /main/checkout.php. The manipulation of the argument pt leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248846 is the identifier assigned to this vulnerability.
CVSS 3.5
CVE-2023-7096 WRITEUP MEDIUM WRITEUP
Carmelogarcia Faculty Management System - Injection
A flaw has been found in code-projects Faculty Management System 1.0. The affected element is an unknown function of the file /admin/php/crud.php. This manipulation of the argument fieldname/tablename causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
CVSS 4.7
CVE-2023-7097 WRITEUP MEDIUM WRITEUP
Fabian Water Billing System - SQL Injection
A vulnerability classified as critical has been found in code-projects Water Billing System 1.0. This affects an unknown part of the file /addbill.php. The manipulation of the argument owners_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248949 was assigned to this vulnerability.
CVSS 6.3