📦 Music Management System
by Lopalopa
🔍 What is Music Management System?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A SQL injection vulnerability in Kashipara Music Management System v1.0 allows remote attackers to bypass authentication and execute arbitrary SQL commands via the email parameter in the login endpoin...
Kashipara Music Management System v1.0 contains a SQL injection vulnerability in the manage_playlist_items.php endpoint via the 'pid' parameter. Attackers can execute arbitrary SQL commands to steal, ...
An unrestricted file upload vulnerability in Kashipara Music Management System v1.0 allows attackers to upload malicious PHP files through the signup functionality. This enables remote code execution ...
An incorrect access control vulnerability in Kashipara Music Management System v1.0 allows low-privileged attackers to access administrator functions and take over admin accounts. This affects all use...
A Cross-Site Request Forgery (CSRF) vulnerability in Kashipara Music Management System v1.0 allows attackers to trick authenticated users into performing unauthorized actions, such as modifying user a...
An unrestricted file upload vulnerability in Kashipara Music Management System v1.0 allows attackers to upload malicious PHP files via the /music/ajax.php endpoint. This enables remote code execution ...
A SQL injection vulnerability in Kashipara Music Management System v1.0 allows attackers to execute arbitrary SQL commands via the 'id' parameter in the view_playlist page. This could lead to unauthor...
Kashipara Music Management System v1.0 has an incorrect access control vulnerability in the /music/ajax.php endpoint that allows unauthorized users to modify user accounts. This enables attackers to p...
An unauthenticated attacker can delete music genre entries in Kashipara Music Management System v1.0 via the /music/ajax.php?action=delete_genre endpoint. This vulnerability affects all deployments of...
A reflected cross-site scripting (XSS) vulnerability in Kashipara Music Management System v1.0 allows remote attackers to inject malicious scripts via the 'page' parameter in /music/controller.php. Th...