50 matches found
CVE-2021-27129
CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability through the Students Edit ROUTE parameter...
EUVD-2021-26628
Malware in sbrugna...
EUVD-2021-13897
Malware in sbrugna...
EUVD-2021-27445
Malware in sbrugna...
EUVD-2024-31223
Malicious code in bioql PyPI...
CVE-2021-26226
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edituser.php...
CVE-2021-26223
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php...
CVE-2021-3294
CASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website...
CVE-2024-33485
SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source Code V1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the login.php component...
CVE-2024-33485
CASAP Automated Enrollment System, version V1.0, contains a SQL Injection in the login.php component (PHP/MySQLi) that could allow a remote attacker to leak sensitive information. Root cause: improper handling of user input in SQL queries. Mitigation in the connected document: disable the login f...
CVE-2021-40261
Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the (1) userusername and (2) category parameters in saveclass.php, the (3) firstname, (4) class, and (5) status parameters in studenttable.php, the (6) category and (7) classname parameters in...
Cross site scripting
Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the (1) userusername and (2) category parameters in saveclass.php, the (3) firstname, (4) class, and (5) status parameters in studenttable.php, the (6) category and (7) classname parameters in...
CVE-2021-40261
CVE-2021-40261 refers to multiple reflected XSS vulnerabilities in SourceCodester CASAP Automated Enrollment System 1.0. The connected sources describe that the vulnerability arises from lack of input validation in the web application, enabling an attacker to execute client-side code. The affecte...
CVE-2021-27332
Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the class_name parameter to update_class.php...
Cross site scripting
Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the class_name parameter to update_class.php...
SQL injection
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php...
CVE-2021-27332
The CVE-2021-27332 entry is confirmed to describe a Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v1.0. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the class_name parameter to update_class.php. The Red Hat, CN...
CVE-2021-26223
CVE-2021-26223 affects the SourceCodester CASAP Automated Enrollment System v1.0. The vulnerability is an SQL injection in the parameter id of view_pay.php, enabling remote attackers to execute arbitrary SQL statements. The issue is described as network-exposed with low attack complexity and no a...