LIU WEIYU

23 exploits Active since Apr 2024
CVE-2024-3359 WRITEUP HIGH WRITEUP
SourceCodester Online Library System 1.0 - SQL Injection
A vulnerability, which was classified as critical, has been found in SourceCodester Online Library System 1.0. This issue affects some unknown processing of the file admin/login.php. The manipulation of the argument user_email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259463.
CVSS 7.3
CVE-2024-3360 WRITEUP HIGH WRITEUP
SourceCodester Online Library System 1.0 - SQL Injection
A vulnerability, which was classified as critical, was found in SourceCodester Online Library System 1.0. Affected is an unknown function of the file admin/books/index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259464.
CVSS 7.3
CVE-2024-3361 WRITEUP HIGH WRITEUP
SourceCodester Online Library System 1.0 - SQL Injection
A vulnerability has been found in SourceCodester Online Library System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/books/deweydecimal.php. The manipulation of the argument category leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259465 was assigned to this vulnerability.
CVSS 7.3
CVE-2024-3362 WRITEUP HIGH WRITEUP
SourceCodester Online Library System 1.0 - SQL Injection
A vulnerability was found in SourceCodester Online Library System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/books/controller.php. The manipulation of the argument IBSN leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259466 is the identifier assigned to this vulnerability.
CVSS 7.3
CVE-2024-3363 WRITEUP HIGH WRITEUP
SourceCodester Online Library System 1.0 - SQL Injection
A vulnerability was found in SourceCodester Online Library System 1.0. It has been classified as critical. This affects an unknown part of the file admin/borrowed/index.php. The manipulation of the argument BookPublisher/BookTitle leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259467.
CVSS 7.3
CVE-2024-3364 WRITEUP LOW WRITEUP
SourceCodester Online Library System 1.0 - XSS
A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259468.
CVSS 3.5
CVE-2024-3365 WRITEUP LOW WRITEUP
SourceCodester Online Library System 1.0 - XSS
A vulnerability was found in SourceCodester Online Library System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin/users/controller.php. The manipulation of the argument user_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259469 was assigned to this vulnerability.
CVSS 3.5
CVE-2024-3413 WRITEUP HIGH WRITEUP
SourceCodester Human Resource Information System 1.0 - SQL Injection via hr_email/hr_password Parameter
A vulnerability has been found in SourceCodester Human Resource Information System 1.0 and classified as critical. This vulnerability affects unknown code of the file initialize/login_process.php. The manipulation of the argument hr_email/hr_password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259582 is the identifier assigned to this vulnerability.
CVSS 7.3
CVE-2024-3414 WRITEUP LOW WRITEUP
SourceCodester Human Resource Information System 1.0 - Cross-Site Scripting via corporate_name Parameter
A vulnerability was found in SourceCodester Human Resource Information System 1.0 and classified as problematic. This issue affects some unknown processing of the file Superadmin_Dashboard/process/addcorporate_process.php. The manipulation of the argument corporate_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259583.
CVSS 3.5
CVE-2024-3415 WRITEUP LOW WRITEUP
Human Resource Information System 1.0 - Cross-Site Scripting via branches_name Parameter
A vulnerability was found in SourceCodester Human Resource Information System 1.0. It has been classified as problematic. Affected is an unknown function of the file Superadmin_Dashboard/process/addbranches_process.php. The manipulation of the argument branches_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259584.
CVSS 3.5
CVE-2024-3416 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/editt.php id Parameter
A vulnerability classified as critical was found in SourceCodester Online Courseware 1.0. This vulnerability affects unknown code of the file admin/editt.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259588.
CVSS 6.3
CVE-2024-3417 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/saveeditt.php Contact Parameter
A vulnerability, which was classified as critical, has been found in SourceCodester Online Courseware 1.0. This issue affects some unknown processing of the file admin/saveeditt.php. The manipulation of the argument contact leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259589 was assigned to this vulnerability.
CVSS 6.3
CVE-2024-3418 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/deactivateteach.php selector Parameter
A vulnerability, which was classified as critical, was found in SourceCodester Online Courseware 1.0. Affected is an unknown function of the file admin/deactivateteach.php. The manipulation of the argument selector leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-259590 is the identifier assigned to this vulnerability.
CVSS 6.3
CVE-2024-3419 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/edit.php id Parameter
A vulnerability has been found in SourceCodester Online Courseware 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/edit.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259591.
CVSS 6.3
CVE-2024-3420 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/saveedit.php id Parameter
A vulnerability was found in SourceCodester Online Courseware 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/saveedit.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259592.
CVSS 6.3
CVE-2024-3421 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/deactivatestud.php Selector Argument
A vulnerability was found in SourceCodester Online Courseware 1.0. It has been classified as critical. This affects an unknown part of the file admin/deactivatestud.php. The manipulation of the argument selector leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259593 was assigned to this vulnerability.
CVSS 6.3
CVE-2024-3422 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/activatestud.php Selector Parameter
A vulnerability was found in SourceCodester Online Courseware 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/activatestud.php. The manipulation of the argument selector leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259594 is the identifier assigned to this vulnerability.
CVSS 6.3
CVE-2024-3423 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/activateteach.php Selector Argument
A vulnerability was found in SourceCodester Online Courseware 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/activateteach.php. The manipulation of the argument selector leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259595.
CVSS 6.3
CVE-2024-3424 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/listscore.php title Parameter
A vulnerability classified as critical has been found in SourceCodester Online Courseware 1.0. Affected is an unknown function of the file admin/listscore.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259596.
CVSS 6.3
CVE-2024-3425 WRITEUP MEDIUM WRITEUP
SourceCodester Online Courseware 1.0 - SQL Injection via admin/activateall.php Selector Parameter
A vulnerability classified as critical was found in SourceCodester Online Courseware 1.0. Affected by this vulnerability is an unknown functionality of the file admin/activateall.php. The manipulation of the argument selector leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259597 was assigned to this vulnerability.
CVSS 6.3
CVE-2024-3426 WRITEUP LOW WRITEUP
SourceCodester Online Courseware 1.0 - Cross-Site Scripting via editt.php id Parameter
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Courseware 1.0. Affected by this issue is some unknown functionality of the file editt.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259598 is the identifier assigned to this vulnerability.
CVSS 3.5
CVE-2024-3427 WRITEUP LOW WRITEUP
SourceCodester Online Courseware 1.0 - Cross-Site Scripting via addq.php id Parameter
A vulnerability, which was classified as problematic, was found in SourceCodester Online Courseware 1.0. This affects an unknown part of the file addq.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259599.
CVSS 3.5
CVE-2024-3428 WRITEUP LOW WRITEUP
SourceCodester Online Courseware 1.0 - Cross-Site Scripting via edit.php id Parameter
A vulnerability has been found in SourceCodester Online Courseware 1.0 and classified as problematic. This vulnerability affects unknown code of the file edit.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259600.
CVSS 3.5