Vulnerabilities (CVE)

Filtered by vendor Oretnom23 Subscribe
Filtered by product Computer Laboratory Management System
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-8348 1 Oretnom23 1 Computer Laboratory Management System 2024-09-04 6.5 MEDIUM 9.8 CRITICAL
A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-8347 1 Oretnom23 1 Computer Laboratory Management System 2024-09-04 6.5 MEDIUM 9.8 CRITICAL
A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.php?f=delete_record. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-8346 1 Oretnom23 1 Computer Laboratory Management System 2024-09-04 6.5 MEDIUM 9.8 CRITICAL
A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-41332 1 Oretnom23 1 Computer Laboratory Management System 2024-08-21 N/A 6.5 MEDIUM
Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories.
CVE-2024-34480 1 Oretnom23 1 Computer Laboratory Management System 2024-08-08 N/A 9.8 CRITICAL
SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection.
CVE-2024-34479 1 Oretnom23 1 Computer Laboratory Management System 2024-08-08 N/A 9.8 CRITICAL
SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection.