Lucene search
K

39 matches found

redhatcve
redhatcve
added 2025/05/23 8:52 a.m.5 views

CVE-2024-41248

An Incorrect Access Control vulnerability was found in /smsa/addsubject.php and /smsa/addsubjectsubmit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry...

7.5CVSS5.9AI score0.00536EPSS
Exploits1References1
osv
osv
added 2025/04/30 10:15 a.m.5 views

CVE-2025-4108

A vulnerability, which was classified as critical, was found in PHPGurukul Student Record System 3.20. Affected is an unknown function of the file /add-subject.php. The manipulation of the argument sub1 leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.7AI score0.00432EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/04/30 12:0 a.m.5 views

PHPGurukul Student Record System 注入漏洞

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in parameter sub1 in file /add-subject.php. An attacker can exploit this vulnerability to execute...

9.8CVSS7.8AI score0.00432EPSS
Exploits1References5
osv
osv
added 2024/11/14 6:15 p.m.3 views

CVE-2024-50827

A SQL Injection vulnerability was found in /admin/addsubject.php in kashipara E-learning Management System Project 1.0 via the subjectcode parameter...

7.2CVSS5.8AI score0.00379EPSS
Exploits1References1
osv
osv
added 2024/11/14 2:15 p.m.4 views

CVE-2024-50839

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/addsubject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subjectcode and title parameters...

5.4CVSS6AI score0.0038EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2024/11/14 12:0 a.m.5 views

PT-2024-34437 · Unknown · Kashipara E-Learning Management System Project

Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A Stored Cross-Site Scripting XSS issue was discovered in the "/admin/add subject.php" and "/lms/admin/add subject.php" API endpoints, allowing remote attackers to execut...

5.4CVSS6.2AI score0.0038EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2024/08/07 12:0 a.m.4 views

PT-2024-29326 · Unknown · Kashipara Responsive School Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Responsive School Management System version 3.2.0 Description: An issue was found in the Kashipara Responsive School Management System, specifically in the /smsa/add subject.php and /smsa/add subject submit.php API endpoints, allowi...

7.5CVSS7.1AI score0.00536EPSS
Exploits1References2
cnvd
cnvd
added 2022/11/24 12:0 a.m.53 views

Phpgurukul Teacher Record Management System Cross-Site Scripting Vulnerability

Phpgurukul Teachers Record Management System version 1.0 contains a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data on the Add Subject page, which could be exploited by a highly privileged attacker such as an administrator to...

4.8CVSS2.7AI score0.01015EPSS
Exploits1References1
osv
osv
added 2022/11/22 2:15 p.m.5 views

CVE-2022-41445

A cross-site scripting XSS vulnerability in Record Management System using CodeIgniter 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page...

4.8CVSS5.9AI score0.01015EPSS
Exploits1References4
nvd
nvd
added 2022/11/22 2:15 p.m.22 views

CVE-2022-41445

A cross-site scripting XSS vulnerability in Record Management System using CodeIgniter 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page...

4.8CVSS0.01015EPSS
Exploits1References4
cnnvd
cnnvd
added 2022/11/22 12:0 a.m.5 views

Teachers Record Management System 跨站脚本漏洞

Phpgurukul Teachers Record Management System version 1.0 contains a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data on the Add Subject page, which could be exploited by a highly privileged attacker such as an administrator to...

4.8CVSS6.1AI score0.01015EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2022/11/22 12:0 a.m.5 views

PT-2022-25875 · Unknown · Record Management System +1

Name of the Vulnerable Software and Affected Versions: Record Management System using CodeIgniter version 1.0 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "Add Subject" page. Recommendations: For...

4.8CVSS6.6AI score0.01015EPSS
Exploits1References7
vulnrichment
vulnrichment
added 2022/11/22 12:0 a.m.7 views

CVE-2022-41445

A cross-site scripting XSS vulnerability in Record Management System using CodeIgniter 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page...

5AI score0.01015EPSS
Exploits1References4
cvelist
cvelist
added 2022/11/22 12:0 a.m.22 views

CVE-2022-41445

A cross-site scripting XSS vulnerability in Record Management System using CodeIgniter 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page...

5.2AI score0.01015EPSS
Exploits1References4
cnnvd
cnnvd
added 2021/10/08 12:0 a.m.3 views

Tad Uploader 跨站脚本漏洞

Tad Uploader is a file upload management module by the individual developer of Tad in Taiwan, China. A cross-site scripting vulnerability exists in Tad Uploader, which stems from the failure of the add subject of the book list function in the product to properly filter certain special characters...

6.1CVSS6AI score0.00612EPSS
Exploits0References2
prion
prion
added 2020/12/08 2:15 p.m.13 views

Cross site scripting

SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored a cross-site scripting XSS via the 'add subject' tab...

3.5CVSS5.2AI score0.00929EPSS
Exploits2References4Affected Software1
exploitpack
exploitpack
added 2013/06/24 12:0 a.m.9 views

aSc Timetables 2013 - Local Stack Buffer Overflow

aSc Timetables 2013 - Local Stack Buffer Overflow !/usr/bin/python Title : ASC Timetables 2013 - Stack Buffer Overflow Vulnerability Researcher : Souhail Hammou Dark-Puzzle Research Team : http://itsecurity.ma Facebook : http://www.facebook.com/dark.puzzle.sec Date : 22/06/2013 Download Website :...

0.3AI score
Exploits0
exploitdb
exploitdb
added 2013/06/24 12:0 a.m.20 views

aSc Timetables 2013 - Local Stack Buffer Overflow

!/usr/bin/python Title : ASC Timetables 2013 - Stack Buffer Overflow Vulnerability Researcher : Souhail Hammou Dark-Puzzle Research Team : http://itsecurity.ma Facebook : http://www.facebook.com/dark.puzzle.sec Date : 22/06/2013 Download Website : www.asctimetables.com/downloaden.html Software...

7.4AI score
Exploits0
zdt
zdt
added 2013/06/22 12:0 a.m.15 views

ASC Timetables 2013 - Stack Buffer Overflow Vulnerability

Exploit for windows platform in category dos / poc !/usr/bin/python Title : ASC Timetables 2013 - Stack Buffer Overflow Vulnerability Researcher : Souhail Hammou Dark-Puzzle Research Team : http://itsecurity.ma Facebook : http://www.facebook.com/dark.puzzle.sec Date : 22/06/2013 Download Website ...

7AI score
Exploits0
Rows per page
Query Builder