qwe

3 exploits Active since Aug 2022
CVE-2022-2697 WRITEUP MEDIUM WRITEUP
Simple E-learning System - SQL Injection
A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file comment_frame.php. The manipulation of the argument post_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-205818 is the identifier assigned to this vulnerability.
CVSS 6.3
CVE-2022-2699 WRITEUP MEDIUM WRITEUP
Simple E-learning System - SQL Injection
A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claire_blake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205820.
CVSS 6.3
CVE-2023-1179 WRITEUP LOW WRITEUP
Computer Parts Sales And Inventory System - XSS
A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add Supplier Handler. The manipulation of the argument company_name/province/city/phone_number leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222330 is the identifier assigned to this vulnerability.
CVSS 3.5