oretnom23 computer_laboratory_management_system CVE 漏洞(30)

CVE 數: 30 CPE versions: View versions table

摘要

本頁列出影響 oretnom23 computer_laboratory_management_system 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。

顯示 12030 CVE 數
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2026-3770 A flaw has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used. [email protected] 2.1 0.21% 2026-03-08 2026-06-17
CVE-2025-45956 A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" parameter [email protected] 8.8 0.39% 2025-04-29 2026-06-17
CVE-2024-54818 SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list. [email protected] 8.8 0.50% 2025-01-08 2026-06-17
CVE-2024-40443 SQL Injection vulnerability in Simple Laboratory Management System using PHP and MySQL v.1.0 allows a remote attacker to cause a denial of service via the delete_users function in the Useres.php [email protected] 4.3 0.74% 2024-11-13 2026-06-17
CVE-2024-8348 A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. [email protected] 5.3 0.59% 2024-08-30 2026-06-17
CVE-2024-8347 A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.php?f=delete_record. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. [email protected] 5.3 0.59% 2024-08-30 2026-06-17
CVE-2024-8346 A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. [email protected] 5.3 0.59% 2024-08-30 2026-06-17
CVE-2024-41332 Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories. [email protected] 6.5 0.60% 2024-08-12 2026-06-17
CVE-2024-34480 SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection. [email protected] 9.8 0.60% 2024-08-07 2026-06-17
CVE-2024-34479 SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection. [email protected] 9.8 0.70% 2024-08-07 2026-06-17
CVE-2024-31586 A Cross Site Scripting (XSS) vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters. [email protected] 6.1 0.48% 2024-06-20 2026-06-17
CVE-2024-35583 A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field. [email protected] 6.1 0.47% 2024-05-28 2026-06-17
CVE-2024-35582 A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field. [email protected] 6.1 0.42% 2024-05-28 2026-06-17
CVE-2024-35581 A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field. [email protected] 6.1 0.43% 2024-05-28 2026-06-17
CVE-2024-34225 Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the name, shortname parameters. [email protected] 6.1 0.57% 2024-05-14 2026-06-17
CVE-2024-34224 Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters. [email protected] 7.3 0.87% 2024-05-14 2026-06-17
CVE-2024-31545 Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6. [email protected] 9.4 0.61% 2024-04-22 2026-06-17
CVE-2024-31547 Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php. [email protected] 9.1 0.61% 2024-04-19 2026-06-17
CVE-2024-31546 Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php. [email protected] 9.8 0.73% 2024-04-19 2026-06-17
CVE-2024-3695 A vulnerability has been found in SourceCodester Computer Laboratory Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-260482 is the identifier assigned to this vulnerability. [email protected] 3.5 0.60% 2024-04-12 2026-06-17
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
cvelogic Threat Intelligence