Dynamic Transaction Queuing System Project Dynamic Transaction Queuing System vulnerabilities
11 known vulnerabilities affecting dynamic_transaction_queuing_system_project/dynamic_transaction_queuing_system.
Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH8
Vulnerabilities
Page 1 of 1
CVE-2022-45275P3HIGHCVSS 7.2v1.02022-12-12
CVE-2022-45275 [HIGH] CWE-434 CVE-2022-45275: An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=save_settings of Dynamic Tr
An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=save_settings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
nvd
CVE-2023-26857P3HIGHCVSS 7.2v1.02023-04-05
CVE-2023-26857 [HIGH] CWE-434 CVE-2023-26857: An arbitrary file upload vulnerability in /admin/ajax.php?action=save_uploads of Dynamic Transaction
An arbitrary file upload vulnerability in /admin/ajax.php?action=save_uploads of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
nvd
CVE-2022-47790P3CRITICALCVSS 9.8v1.02023-01-09
CVE-2022-47790 [CRITICAL] CWE-89 CVE-2022-47790: Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/i
Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=.
nvd
CVE-2022-46954P3CRITICALCVSS 9.8v1.02023-01-13
CVE-2022-46954 [CRITICAL] CWE-89 CVE-2022-46954: Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_transaction.
nvd
CVE-2022-46955P3CRITICALCVSS 9.8v1.02023-01-13
CVE-2022-46955 [CRITICAL] CWE-89 CVE-2022-46955: Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=save_queue.
nvd
CVE-2022-46953P4HIGHCVSS 7.2v1.02023-01-13
CVE-2022-46953 [HIGH] CWE-89 CVE-2022-46953: Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=save_window.
nvd
CVE-2022-46951P4HIGHCVSS 7.2v1.02023-01-13
CVE-2022-46951 [HIGH] CWE-89 CVE-2022-46951: Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_uploads.
nvd
CVE-2022-46952P4HIGHCVSS 7.2v1.02023-01-13
CVE-2022-46952 [HIGH] CWE-89 CVE-2022-46952: Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_user.
nvd
CVE-2022-46950P4HIGHCVSS 7.2v1.02023-01-13
CVE-2022-46950 [HIGH] CWE-89 CVE-2022-46950: Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_window.
nvd
CVE-2022-46956P4HIGHCVSS 7.2v1.02023-01-13
CVE-2022-46956 [HIGH] CWE-89 CVE-2022-46956: Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/manage_user.php.
nvd
CVE-2023-26856P4HIGHCVSS 7.2v1.02023-04-05
CVE-2023-26856 [HIGH] CWE-89 CVE-2023-26856: Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via
Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login.
nvd