Home Owners Collection Management System Project

home_owners_collection_management_system_project

15 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Home Owners Collection Management System

home_owners_collection_management_system

CVEs (15)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-6440 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Jul 2, 2024 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=delete_category. The manipul...Show more A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-270168.Show less
CVE-2024-6439 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Jul 2, 2024 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of t...Show more A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270167.Show less
CVE-2022-28078 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 May 11, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter.
CVE-2022-28077 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 May 11, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter.
CVE-2022-28417 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Apr 21, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase.
CVE-2022-28416 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Apr 21, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase.
CVE-2022-28415 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Apr 21, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_collection.
CVE-2022-28414 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Apr 21, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_member.
CVE-2022-25115 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Mar 2, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A remote code execution (RCE) vulnerability in the Avatar parameter under /admin/?page=user/manage_user of Home Owners Collection Management System v1.0 allows attackers to execute arbitrary code via a crafted PNG file.
CVE-2022-25045 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Mar 2, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Home Owners Collection Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel.
CVE-2022-25016 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Mar 2, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Home Owners Collection Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /student_attendance/index.php. This vulnerability allows attackers to execute arbitrary cod...Show more Home Owners Collection Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /student_attendance/index.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.Show less
CVE-2022-25028 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Feb 28, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Home Owners Collection Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the collected_by parameter under the List of Collections module.
CVE-2022-25096 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Feb 26, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /members/view_member.php.
CVE-2022-25095 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Feb 26, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Home Owners Collection Management System v1.0 allows unauthenticated attackers to compromise user accounts via a crafted POST request.
CVE-2022-25094 1Home Owners Collection Management System Project 1Home Owners Collection Management System Nov 21, 2024 Feb 26, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Home Owners Collection Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the parameter "cover" in SystemSettings.php.