Oretnom23

Computer Laboratory Management System

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-45956

Exploit
  • EPSS 0.3%
  • Veröffentlicht 29.04.2025 00:00:00
  • Zuletzt bearbeitet 14.05.2025 21:01:22

A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" parameter

8.8

CVE-2024-54818

  • EPSS 0.09%
  • Veröffentlicht 08.01.2025 19:15:38
  • Zuletzt bearbeitet 16.04.2025 15:14:42

SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list.

4.3

CVE-2024-40443

Exploit
  • EPSS 6.32%
  • Veröffentlicht 13.11.2024 20:15:17
  • Zuletzt bearbeitet 16.04.2025 15:06:12

SQL Injection vulnerability in Simple Laboratory Management System using PHP and MySQL v.1.0 allows a remote attacker to cause a denial of service via the delete_users function in the Useres.php

9.8

CVE-2024-8348

Exploit
  • EPSS 0.23%
  • Veröffentlicht 30.08.2024 22:15:08
  • Zuletzt bearbeitet 04.09.2024 16:43:30

A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation ...

9.8

CVE-2024-8347

Exploit
  • EPSS 0.23%
  • Veröffentlicht 30.08.2024 22:15:07
  • Zuletzt bearbeitet 04.09.2024 16:42:49

A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.php?f=delete_record. The manipulation of the argume...

9.8

CVE-2024-8346

Exploit
  • EPSS 0.23%
  • Veröffentlicht 30.08.2024 21:15:16
  • Zuletzt bearbeitet 04.09.2024 16:37:22

A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argume...

6.5

CVE-2024-41332

Exploit
  • EPSS 0.08%
  • Veröffentlicht 12.08.2024 13:38:30
  • Zuletzt bearbeitet 21.08.2024 18:53:15

Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories.

9.8

CVE-2024-34480

Exploit
  • EPSS 0.26%
  • Veröffentlicht 07.08.2024 16:15:44
  • Zuletzt bearbeitet 08.08.2024 15:35:10

SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection.

9.8

CVE-2024-34479

Exploit
  • EPSS 0.14%
  • Veröffentlicht 07.08.2024 16:15:44
  • Zuletzt bearbeitet 08.08.2024 15:10:12

SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection.

6.1

CVE-2024-31586

Exploit
  • EPSS 0.27%
  • Veröffentlicht 20.06.2024 21:15:49
  • Zuletzt bearbeitet 11.04.2025 15:15:56

A Cross Site Scripting (XSS) vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters.