Vulnerabilities > Oretnom23 > Lost AND Found Information System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-29 | CVE-2024-37856 | Cross-site Scripting vulnerability in Oretnom23 Lost and Found Information System 1.0 Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the first, last, middle name fields in the User Profile page. | 5.4 |
| 2023-11-03 | CVE-2023-38965 | Authorization Bypass Through User-Controlled Key vulnerability in Oretnom23 Lost and Found Information System 1.0 Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI. | 9.8 |
| 2023-09-17 | CVE-2023-5018 | Unspecified vulnerability in Oretnom23 Lost and Found Information System 1.0 A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. | 9.8 |
| 2023-08-04 | CVE-2023-36159 | Cross-site Scripting vulnerability in Oretnom23 Lost and Found Information System 1.0 Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page. | 6.1 |
| 2023-07-23 | CVE-2023-3850 | Unspecified vulnerability in Oretnom23 Lost and Found Information System 1.0 A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. | 9.8 |
| 2023-07-15 | CVE-2023-3679 | Unspecified vulnerability in Oretnom23 Lost and Found Information System 1.0 A vulnerability was found in SourceCodester Lost and Found Information System 1.0. | 9.8 |
| 2023-07-15 | CVE-2023-3680 | Unspecified vulnerability in Oretnom23 Lost and Found Information System 1.0 A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. | 9.8 |
| 2023-06-28 | CVE-2023-33592 | SQL Injection vulnerability in Oretnom23 Lost and Found Information System 1.0 Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via the component /php-lfis/admin/?page=system_info/contact_information. | 9.8 |
| 2023-06-09 | CVE-2023-3176 | Unspecified vulnerability in Oretnom23 Lost and Found Information System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Lost and Found Information System 1.0. | 8.8 |
| 2023-06-09 | CVE-2023-3177 | Unspecified vulnerability in Oretnom23 Lost and Found Information System 1.0 A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. | 8.8 |