81 matches found
EUVD-2024-44250
Malicious code in bioql PyPI...
CVE-2024-5235
A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teachersalaryinvoice.php. The manipulation of the argument teacherid leads to sql injection. It is possible to launch the attack...
CVE-2024-33402
A SQL injection vulnerability in /model/approvepettycash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33807
A SQL injection vulnerability in /model/getteachertimetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter...
CVE-2024-33799
A SQL injection vulnerability in /model/getteacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...
PT-2024-25493 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get grade.php" API endpoint. Recommendations: For...
PT-2024-25495 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get timetable.php" API endpoint. This could...
PT-2024-25489 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue exists in the /model/get student subject.php file, allowing an attacker to execute arbitrary SQL commands by manipulating the index parameter...
PT-2024-25488 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the id parameter in the "/model/get subject routing.php" API endpoint...
CVE-2024-34932
A SQL injection vulnerability in /model/updateexam.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter...
CVE-2024-34933
A SQL injection vulnerability in /model/updategrade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admissionfee parameter...
CVE-2024-34929
A SQL injection vulnerability in /view/findfriends.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the myindex parameter...
CVE-2024-34930
A SQL injection vulnerability in /model/allevents1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter...
CVE-2024-5238
A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/timetableinsertform.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack...
CVE-2024-5234
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/teachersalaryhistory1.php. The manipulation of the argument index leads to sql injection. The attack may be initiated...
CVE-2024-5232
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as critical. This affects an unknown part of the file /view/teachersalarydetails2.php. The manipulation of the argument index leads to sql injection. It is possible to initiate the attac...
PT-2024-26259 · Unknown · Campcodes Complete Web-Based School Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A SQL injection issue allows an attacker to execute arbitrary SQL commands via the month parameter in the "/view/event1.php" API endpoint. Recommendations: For...
Campcodes Complete Web-Based School Management System SQL注入漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A SQL injection vulnerability exists in the Complete Web-Based School Management System version 1.0, which stems from an incorrect manipulation of the parameter teacherid that can...
Campcodes Complete Web-Based School Management System 安全漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the name...
Campcodes Complete Web-Based School Management System 安全漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in the Complete Web-Based School Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the...