RSS   Podatności dla 'Daily tracker system'   RSS

2020-09-09
 
CVE-2020-24194

CWE-79
 
 
A Cross-site scripting (XSS) vulnerability in 'user-profile.php' in SourceCodester Daily Tracker System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'fullname' parameter.

 
2020-09-03
 
CVE-2020-24193

CWE-89
 
 
A SQL injection vulnerability in login in Sourcecodetester Daily Tracker System 1.0 allows unauthenticated user to execute authentication bypass with SQL injection via the email parameter.

 

Copyright 2024, cxsecurity.com

 

Back to Top