Lucene search

College Management System V1.0 Security Vulnerabilities

cve

CVE-2022-39179

College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload .php file that contains malicious code via student.php...

7.2CVSS

7.7AI Score

0.001EPSS

2022-11-17 11:15 PM

cve

CVE-2022-39180

College Management System v1.0 - SQL Injection (SQLi). By inserting SQL commands to the username and password fields in the login.php...

9.8CVSS

10AI Score

0.001EPSS

2022-11-17 11:15 PM

cve

CVE-2022-32420

College Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /College/admin/teacher.php. This vulnerability is exploited via a crafted PHP...

8.8CVSS

8.9AI Score

0.006EPSS

2022-07-01 09:15 PM

cve

CVE-2022-30404

College Management System v1.0 is vulnerable to SQL Injection via...

7.2CVSS

7.3AI Score

0.001EPSS

2022-05-13 03:15 PM

cve

CVE-2022-28079

College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code...

8.8CVSS

8.8AI Score

0.596EPSS

2022-05-05 05:15 PM

cve

CVE-2022-26615

A cross-site scripting (XSS) vulnerability in College Website Content Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User Profile Name text...

5.4CVSS

5.2AI Score

0.001EPSS

2022-04-05 02:15 AM