Skip to main content

Daily Tracker System

2 CVEs product

Monthly

CVE-2020-24194 MEDIUM POC This Month

A Cross-site scripting (XSS) vulnerability in 'user-profile.php' in SourceCodester Daily Tracker System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'fullname'. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Daily Tracker System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-24193 CRITICAL POC Act Now

A SQL injection vulnerability in login in Sourcecodetester Daily Tracker System 1.0 allows unauthenticated user to execute authentication bypass with SQL injection via the email parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Authentication Bypass Daily Tracker System
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
2.8%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A Cross-site scripting (XSS) vulnerability in 'user-profile.php' in SourceCodester Daily Tracker System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'fullname'. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Daily Tracker System
NVD VulDB
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

A SQL injection vulnerability in login in Sourcecodetester Daily Tracker System 1.0 allows unauthenticated user to execute authentication bypass with SQL injection via the email parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Authentication Bypass Daily Tracker System
NVD Exploit-DB VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy