Munyweki

Insurance Management System

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-8414

Exploit
  • EPSS 0.15%
  • Veröffentlicht 04.09.2024 17:15:15
  • Zuletzt bearbeitet 06.09.2024 16:44:04

A vulnerability has been found in SourceCodester Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launch...

5.4

CVE-2024-7225

Exploit
  • EPSS 0.1%
  • Veröffentlicht 30.07.2024 09:15:05
  • Zuletzt bearbeitet 21.11.2024 09:51:08

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /Script/admin/core/update_policy of the component Edit Insurance Policy Page. The manipulatio...

7.5

CVE-2024-7080

Exploit
  • EPSS 0.67%
  • Veröffentlicht 24.07.2024 20:15:05
  • Zuletzt bearbeitet 22.04.2025 16:03:28

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The atta...

4.6

CVE-2024-7068

Exploit
  • EPSS 0.14%
  • Veröffentlicht 24.07.2024 15:15:12
  • Zuletzt bearbeitet 22.04.2025 16:02:21

A vulnerability classified as problematic has been found in SourceCodester Insurance Management System 1.0. This affects an unknown part of the file /Script/admin/core/update_sub_category. The manipulation of the argument name leads to cross site scr...

8.1

CVE-2024-31502

  • EPSS 0.24%
  • Veröffentlicht 26.04.2024 21:15:49
  • Zuletzt bearbeitet 21.11.2024 09:13:39

An issue in Insurance Management System v.1.0.0 and before allows a remote attacker to escalate privileges via a crafted POST request to /admin/core/new_staff.

6.1

CVE-2024-31648

Exploit
  • EPSS 0.12%
  • Veröffentlicht 15.04.2024 21:15:07
  • Zuletzt bearbeitet 20.06.2025 19:14:07

Cross Site Scripting (XSS) in Insurance Management System v1.0, allows remote attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter at /core/new_category2.

6.4

CVE-2024-31063

Exploit
  • EPSS 0.57%
  • Veröffentlicht 28.03.2024 19:15:49
  • Zuletzt bearbeitet 03.04.2025 15:15:47

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Email input field.

6.1

CVE-2024-31064

Exploit
  • EPSS 0.49%
  • Veröffentlicht 28.03.2024 19:15:49
  • Zuletzt bearbeitet 03.04.2025 15:16:08

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field.

6.1

CVE-2024-31065

Exploit
  • EPSS 0.32%
  • Veröffentlicht 28.03.2024 19:15:49
  • Zuletzt bearbeitet 03.04.2025 15:16:20

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field.

6.1

CVE-2024-31061

Exploit
  • EPSS 0.32%
  • Veröffentlicht 28.03.2024 19:15:48
  • Zuletzt bearbeitet 03.04.2025 15:09:53

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Last Name input field.