Judging Management System Project Judging Management System vulnerabilities

CVE-2023-5589 [CRITICAL] CWE-89 CVE-2023-5589: A vulnerability was found in SourceCodester Judging Management System 1.0. It has been declared as c A vulnerability was found in SourceCodester Judging Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier

CVE-2023-37682 [CRITICAL] CWE-89 CVE-2023-37682: Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the id pa Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-jms/deductScores.php.

CVE-2023-30245 [CRITICAL] CWE-89 CVE-2023-30245: SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to exe SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the crit_id parameter of the edit_criteria.php file.

CVE-2023-30246 [CRITICAL] CWE-89 CVE-2023-30246: SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to exe SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the contestant_id parameter.

CVE-2023-30018 [CRITICAL] CWE-89 CVE-2023-30018: Judging Management System v1.0 is vulnerable to SQL Injection. via /php-jms/review_se_result.php?mai Judging Management System v1.0 is vulnerable to SQL Injection. via /php-jms/review_se_result.php?mainevent_id=.

CVE-2023-30203 [CRITICAL] CWE-89 CVE-2023-30203: Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event_id parameter at /php-jms/result_sheet.php.

CVE-2023-30077 [CRITICAL] CWE-89 CVE-2023-30077: Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-j Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/review_result.php?mainevent_id=, mainevent_id.

CVE-2023-30204 [CRITICAL] CWE-89 CVE-2023-30204: Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the judge Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the judge_id parameter at /php-jms/edit_judge.php.

CVE-2023-30076 [CRITICAL] CWE-89 CVE-2023-30076: Sourcecodester Judging Management System v1.0 is vulnerable to SQL Injection via /php-jms/print_judg Sourcecodester Judging Management System v1.0 is vulnerable to SQL Injection via /php-jms/print_judges.php?print_judges.php=&se_name=&sub_event_id=.

CVE-2023-2108 [CRITICAL] CWE-89 CVE-2023-2108: A vulnerability has been found in SourceCodester Judging Management System 1.0 and classified as cri A vulnerability has been found in SourceCodester Judging Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file edit_contestant.php. The manipulation of the argument contestant_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public

CVE-2023-1556 [CRITICAL] CWE-89 CVE-2023-1556: A vulnerability was found in SourceCodester Judging Management System 1.0. It has been declared as c A vulnerability was found in SourceCodester Judging Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file summary_results.php. The manipulation of the argument main_event_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the publi

CVE-2023-24642 [CRITICAL] CWE-89 CVE-2023-24642: Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid p Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateTxtview.php.

CVE-2023-24641 [CRITICAL] CWE-89 CVE-2023-24641: Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid p Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateview.php.

CVE-2023-24643 [CRITICAL] CWE-89 CVE-2023-24643: Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid p Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateBlankTxtview.php.

CVE-2023-24317 [HIGH] CWE-434 CVE-2023-24317: Judging Management System 1.0 was discovered to contain an arbitrary file upload vulnerability via t Judging Management System 1.0 was discovered to contain an arbitrary file upload vulnerability via the component edit_organizer.php.

CVE-2022-46623 [HIGH] CWE-89 CVE-2022-46623: Judging Management System v1.0.0 was discovered to contain a SQL injection vulnerability via the use Judging Management System v1.0.0 was discovered to contain a SQL injection vulnerability via the username parameter.

CVE-2022-46622 [MEDIUM] CWE-79 CVE-2022-46622: A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to exe A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter.