Mayurik

Petrol Pump Management

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2024-10407

  • EPSS 0.08%
  • Veröffentlicht 27.10.2024 00:15:12
  • Zuletzt bearbeitet 29.10.2024 20:47:53

A vulnerability, which was classified as critical, was found in SourceCodester Petrol Pump Management Software 1.0. This affects an unknown part of the file /admin/edit_customer.php. The manipulation of the argument id leads to sql injection. It is p...

7.2

CVE-2024-10406

  • EPSS 0.08%
  • Veröffentlicht 26.10.2024 22:15:02
  • Zuletzt bearbeitet 29.10.2024 20:48:36

A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/edit_fuel.php. The manipulation of the argument id leads ...

7.5

CVE-2024-10380

  • EPSS 0.12%
  • Veröffentlicht 25.10.2024 13:15:17
  • Zuletzt bearbeitet 01.11.2024 16:11:00

A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/ajax_product.php. The manipulation of the argument drop_s...

4.9

CVE-2024-10354

  • EPSS 0.1%
  • Veröffentlicht 25.10.2024 01:15:13
  • Zuletzt bearbeitet 30.10.2024 16:32:48

A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/print.php. The manipulation of the argument id leads to sql injectio...

4.9

CVE-2024-10355

Exploit
  • EPSS 1.07%
  • Veröffentlicht 25.10.2024 01:15:13
  • Zuletzt bearbeitet 30.10.2024 17:13:02

A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/invoice.php. The manipulation of the argument id leads to...

8.8

CVE-2024-28558

Exploit
  • EPSS 1.81%
  • Veröffentlicht 15.04.2024 19:15:09
  • Zuletzt bearbeitet 27.03.2025 20:19:53

SQL Injection vulnerability in sourcecodester Petrol pump management software v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin/app/web_crud.php.

6.1

CVE-2024-27743

Exploit
  • EPSS 2.62%
  • Veröffentlicht 01.03.2024 22:15:47
  • Zuletzt bearbeitet 28.03.2025 14:34:38

Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the Address parameter in the add_invoices.php component.

6.1

CVE-2024-27744

Exploit
  • EPSS 3.52%
  • Veröffentlicht 01.03.2024 22:15:47
  • Zuletzt bearbeitet 28.03.2025 14:34:30

Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component.

9.8

CVE-2024-27746

Exploit
  • EPSS 0.74%
  • Veröffentlicht 01.03.2024 22:15:47
  • Zuletzt bearbeitet 28.03.2025 14:34:25

SQL Injection vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email address parameter in the index.php component.

9.8

CVE-2024-27747

Exploit
  • EPSS 15.02%
  • Veröffentlicht 01.03.2024 22:15:47
  • Zuletzt bearbeitet 28.03.2025 14:34:16

File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component.