Filtered by vendor Kashipara
Subscriptions
Total
132 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0272 | 1 Kashipara | 1 Food Management System | 2025-05-16 | 6.3 Medium |
| A vulnerability was found in Kashipara Food Management System up to 1.0 and classified as critical. This issue affects some unknown processing of the file addmaterialsubmit.php. The manipulation of the argument material_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249827. | ||||
| CVE-2024-0283 | 1 Kashipara | 1 Food Management System | 2025-05-16 | 3.5 Low |
| A vulnerability was found in Kashipara Food Management System up to 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file party_details.php. The manipulation of the argument party_name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249838 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-42789 | 2 Kashipara, Lopalopa | 2 Music Management System, Music Management System | 2025-05-06 | 6.3 Medium |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in "/music/controller.php?page=test" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via the "page" parameter. | ||||
| CVE-2024-42788 | 2 Kashipara, Lopalopa | 2 Music Management System, Music Management System | 2025-05-06 | 6.1 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability was found in "/music/ajax.php?action=save_music" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via "title" & "artist" parameter fields. | ||||
| CVE-2024-42791 | 2 Kashipara, Lopalopa | 2 Music Management System, Music Management System | 2025-05-06 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via /music/ajax.php?action=delete_genre. | ||||
| CVE-2024-42787 | 2 Kashipara, Lopalopa | 2 Music Management System, Music Management System | 2025-05-06 | 6.1 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability was found in "/music/ajax.php?action=save_playlist" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via "title" & "description" parameter fields. | ||||
| CVE-2024-42765 | 2 Kashipara, Kjayvik | 2 Bus Ticket Reservation System, Bus Ticket Reservation System | 2025-05-06 | 9.8 Critical |
| A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters. | ||||
| CVE-2024-42764 | 2 Kashipara, Kjayvik | 2 Bus Ticket Reservation System, Bus Ticket Reservation System | 2025-05-06 | 9.4 Critical |
| Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php. | ||||
| CVE-2024-42762 | 2 Kashipara, Kjayvik | 2 Bus Ticket Reservation System, Bus Ticket Reservation System | 2025-05-06 | 5.4 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability was found in "/history.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields. | ||||
| CVE-2024-42763 | 2 Kashipara, Kjayvik | 2 Bus Ticket Reservation System, Bus Ticket Reservation System | 2025-05-06 | 5.4 Medium |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in the "/schedule.php" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the "bookingdate" parameter. | ||||
| CVE-2024-42761 | 2 Kashipara, Kjayvik | 2 Bus Ticket Reservation System, Bus Ticket Reservation System | 2025-05-06 | 6.1 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin_schedule.php" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter. | ||||
| CVE-2024-50839 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2025-05-06 | 5.4 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subject_code and title parameters. | ||||
| CVE-2024-50840 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2025-05-06 | 5.4 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the class_name parameter. | ||||
| CVE-2024-50841 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2025-05-06 | 5.4 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/calendar_of_events.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the date_start, date_end, and title parameters. | ||||
| CVE-2024-50842 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2025-05-06 | 5.4 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/school_year.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the school_year parameter. | ||||
| CVE-2024-50837 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2025-05-06 | 5.4 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username parameters. | ||||
| CVE-2024-50838 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2025-05-06 | 5.4 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the d and pi parameters. | ||||
| CVE-2024-42768 | 2 Jayesh, Kashipara | 2 Hotel Management System, Hotel Management | 2025-04-30 | 6.8 Medium |
| A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/delete_room.php. | ||||
| CVE-2024-42769 | 2 Jayesh, Kashipara | 2 Hotel Management System, Hotel Management System | 2025-04-30 | 6.1 Medium |
| A Reflected Cross Site Scripting (XSS) vulnerability was found in "/core/signup_user.php " of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via "user_fname" and "user_lname" parameters. | ||||
| CVE-2024-42770 | 2 Jayesh, Kashipara | 2 Hotel Management System, Hotel Management | 2025-04-30 | 4.7 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability was found in "/core/signup_user.php" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via the "user_email" parameter. | ||||