4 matches found
CVE-2025-10477
A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/PriProfile/eligibility.php. Such manipulation of the argument Branch leads to sql injection. The attack can be launched...
CVE-2025-10477 kidaze CourseSelectionSystem eligibility.php sql injection
A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/PriProfile/eligibility.php. Such manipulation of the argument Branch leads to sql injection. The attack can be launched...
PT-2025-37759
Name of the Vulnerable Software and Affected Versions: kidaze CourseSelectionSystem affected versions not specified Description: A vulnerability exists in kidaze CourseSelectionSystem related to SQL injection. Manipulation of the Branch argument in an unknown function within the...
CVE-2022-24433
The package simple-git before 3.3.0 are vulnerable to Command Injection via argument injection. When calling the .fetchremote, branch, handlerFn function, both the remote and branch parameters are passed to the git fetch subcommand. By injecting some git options it was possible to get arbitrary...