Tuba Kavgacı

16 exploits Active since Feb 2024
CVE-2024-24041 WRITEUP MEDIUM WRITEUP
Remyandrade Travel Journal Using Php And Mysql With Source Code - XSS
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php.
CVSS 6.1
CVE-2024-24945 WRITEUP MEDIUM WRITEUP
Travel Journal Using PHP and MySQL with Source Code v1.0 - XSS
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php.
CVSS 6.1
CVE-2024-25302 WRITEUP CRITICAL WRITEUP
Sourcecodester Event Student Attendance System 1.0 - SQL Injection
Sourcecodester Event Student Attendance System 1.0, allows SQL Injection via the 'student' parameter.
CVSS 9.8
CVE-2024-25304 WRITEUP HIGH WRITEUP
Code-projects Simple School Managment System 1.0 - SQL Injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."
CVSS 8.8
CVE-2024-25305 WRITEUP HIGH WRITEUP
Code-projects Simple School Managment System 1.0 - Auth Bypass
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php.
CVSS 8.8
CVE-2024-25306 WRITEUP HIGH WRITEUP
Code-projects Simple School Managment System 1.0 - SQL Injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php".
CVSS 8.8
CVE-2024-25307 WRITEUP CRITICAL WRITEUP
Code-projects Cinema Seat Reservation System 1.0 - SQL Injection
Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "/Cinema-Reservation/booking.php?id=1."
CVSS 9.8
CVE-2024-25308 WRITEUP HIGH WRITEUP
Code-projects Simple School Managment System 1.0 - SQL Injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php.
CVSS 8.8
CVE-2024-25309 WRITEUP HIGH WRITEUP
Code-projects Simple School Managment System 1.0 - SQL Injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php.
CVSS 8.8
CVE-2024-25310 WRITEUP HIGH WRITEUP
Code-projects Simple School Managment System 1.0 - SQL Injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."
CVSS 8.8
CVE-2024-25312 WRITEUP HIGH WRITEUP
Code-projects Simple School Managment System 1.0 - SQL Injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5."
CVSS 8.8
CVE-2024-25313 WRITEUP HIGH WRITEUP
Code-projects Simple School Managment System 1.0 - Auth Bypass
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php.
CVSS 8.8
CVE-2024-25314 WRITEUP CRITICAL WRITEUP
Code-projects Hotel Managment System 1.0 - SQL Injection
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2.
CVSS 9.8
CVE-2024-25315 WRITEUP CRITICAL WRITEUP
Code-projects Hotel Managment System 1.0 - SQL Injection
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2.
CVSS 9.8
CVE-2024-25316 WRITEUP CRITICAL WRITEUP
Code-projects Hotel Managment System 1.0 - SQL Injection
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2.
CVSS 9.8
CVE-2024-25318 WRITEUP HIGH WRITEUP
Code-projects Hotel Managment System 1.0 - SQL Injection
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2.
CVSS 8.8