Lucene search
K

54 matches found

Nuclei
Nuclei
added 3 hours ago8 views

Alumni Management System 1.0 - SQL Injection

SourceCodester Alumni Management System 1.0 contains a sqlinjection caused by unsanitized input in admin/login.php, letting attackers bypass authentication, exploit requires injection of malicious SQL payload. id: CVE-2020-29214 info: name: Alumni Management System 1.0 - SQL Injection author:...

9.8CVSS7.4AI score0.04499EPSS
Exploits1References2
NVD
NVD
added 2025/11/20 3:17 p.m.14 views

CVE-2025-13468

A weakness has been identified in SourceCodester Alumni Management System 1.0. This issue affects the function deleteforum/deletecareer/deletecomment/deletegallery/deleteevent of the file admin/adminclass.php of the component Delete Handler. Executing manipulation of the argument ID can lead to...

8.1CVSS0.0033EPSS
Exploits1References5
CVE
CVE
added 2025/11/20 1:32 p.m.15 views

CVE-2025-13468

Summary (CVE-2025-13468): In SourceCodester Alumni Management System 1.0, the Delete Handler component (admin/admin_class.php) is affected. The vulnerability arises from manipulating the argument ID in functions delete_forum, delete_career, delete_comment, delete_gallery, and delete_event, which ...

8.1CVSS5.5AI score0.0033EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/13 8:3 p.m.4 views

CVE-2025-13059

A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element is an unknown function of the file /managecareer.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available t...

9.8CVSS7AI score0.00289EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/12 8:2 p.m.9 views

CVE-2025-13059 SourceCodester Alumni Management System manage_career.php sql injection

A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element is an unknown function of the file /managecareer.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available t...

6.5CVSS0.00289EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/12 8:2 p.m.3 views

CVE-2025-13059 SourceCodester Alumni Management System manage_career.php sql injection

A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element is an unknown function of the file /managecareer.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available t...

6.5CVSS6.5AI score0.00289EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/11/12 12:0 a.m.3 views

SourceCodester Alumni Management System SQL注入漏洞

SourceCodester Alumni Management System is SourceCodester open source a Php, Mysql-based alumni management system. A SQL injection vulnerability exists in SourceCodester Alumni Management System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /managecareer.php...

9.8CVSS7AI score0.00289EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-12121

Malware in sbrugna...

9.8CVSS9.4AI score0.01479EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-20560

Malware in sbrugna...

7.2CVSS7AI score0.0257EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-20558

Malware in sbrugna...

9.8CVSS9.2AI score0.22898EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-12123

Malware in sbrugna...

9.8CVSS9.4AI score0.01476EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.9 views

CVE-2021-25212

SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manageevent.php...

9.8CVSS8.6AI score0.01476EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.10 views

CVE-2021-25210

Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manageevent.php...

9.8CVSS7.6AI score0.01479EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:28 p.m.7 views

CVE-2020-28071

SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting XSS in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS payload in the description textarea called 'about' and reach a stored XSS...

4.8CVSS5.4AI score0.00642EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/22 3:28 p.m.7 views

CVE-2020-28070

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in viewevent.php via the 'id' parameter...

9.8CVSS8.8AI score0.22898EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/22 3:28 p.m.11 views

CVE-2020-28072

A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. An authenticated attacker can upload arbitrary file in the gallery.php page and executing it on the server reaching the RCE...

7.2CVSS7.5AI score0.0257EPSS
Exploits2
CNVD
CNVD
added 2021/07/23 12:0 a.m.18 views

Sourcecodester Alumni Management System SQL Injection Vulnerability

Sourcecodester Alumni Management System is a Php, Mysql-based alumni management system from Sourcecodester, Inc. SourceCodester Alumni Management System version 1.0 is vulnerable to SQL injection, which allows remote attacker can exploit this vulnerability to execute arbitrary SQL statements via...

9.8CVSS4.5AI score0.01476EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/23 12:0 a.m.9 views

SourceCodester Alumni Management System Code Issue Vulnerability

Sourcecodester Alumni Management System is a Php, Mysql-based alumni management system from Sourcecodester, Inc. A security vulnerability exists in SourceCodester Alumni Management System version 1.0, which could be exploited by attackers to exploit the vulnerability to execute arbitrary code to...

9.8CVSS6AI score0.01479EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/23 12:0 a.m.28 views

CASAP Automated Enrollment SQL Injection Vulnerability (CNVD-2021-57785)

CASAP Automated Enrollment is an automated enrollment system for the CASAP organization. The goal of this project is to provide CASAP with an automated enrollment system to streamline the school's processes and make them more effective, efficient and easily retrievable. SourceCodester Alumni...

9.8CVSS3.2AI score0.01517EPSS
Exploits1References1
NVD
NVD
added 2021/07/22 7:15 p.m.11 views

CVE-2021-25210

Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manageevent.php...

9.8CVSS0.01479EPSS
Exploits0References1
Rows per page
Query Builder