Personnel Property Equipment System
Monthly
Personnel Property Equipment System has a fourth SQL injection.
Personnel Property Equipment System v1.0 has a third SQL injection.
Arbitrary code execution in Personnel Property Equipment System v1.0 allows authenticated attackers with high privileges to execute malicious code through the admin picture upload functionality. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can achieve complete compromise of confidentiality, integrity, and availability on affected systems.
Personnel Property Equipment System v1.0 has a second SQL injection in a different admin endpoint.
Personnel Property Equipment System v1.0 has SQL injection in admin panel.
A vulnerability, which was classified as problematic, was found in SourceCodester Personnel Property Equipment System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in SourceCodester Personnel Property Equipment System 1.0.php of the component GET Parameter Handler. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Personnel Property Equipment System has a fourth SQL injection.
Personnel Property Equipment System v1.0 has a third SQL injection.
Arbitrary code execution in Personnel Property Equipment System v1.0 allows authenticated attackers with high privileges to execute malicious code through the admin picture upload functionality. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can achieve complete compromise of confidentiality, integrity, and availability on affected systems.
Personnel Property Equipment System v1.0 has a second SQL injection in a different admin endpoint.
Personnel Property Equipment System v1.0 has SQL injection in admin panel.
A vulnerability, which was classified as problematic, was found in SourceCodester Personnel Property Equipment System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in SourceCodester Personnel Property Equipment System 1.0.php of the component GET Parameter Handler. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.