11 matches found
CVE-2021-27332
Cross-site scripting XSS vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the classname parameter to updateclass.php...
EUVD-2021-13043
Malware in sbrugna...
CVE-2021-26201
The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page...
CVE-2021-26229
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to editstud.php...
CVE-2024-33485
SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source Code V1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the login.php component...
CVE-2024-33485
SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source Code V1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the login.php component...
PT-2024-25278
Name of the Vulnerable Software and Affected Versions CASAP Automated Enrollment System version V1.0 Description The issue allows a remote attacker to obtain sensitive information via a crafted payload to the "login.php" component. This is due to a SQL Injection vulnerability in the CASAP Automat...
CVE-2021-40261
Multiple Cross Site Scripting XSS vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the 1 userusername and 2 category parameters in saveclass.php, the 3 firstname, 4 class, and 5 status parameters in studenttable.php, the 6 category and 7 classname parameters in...
CVE-2021-26223
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to viewpay.php...
CVE-2021-26226
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edituser.php...
CVE-2021-27129
CASAP Automated Enrollment System version 1.0 contains a cross-site scripting XSS vulnerability through the Students Edit ROUTE parameter...