39 matches found
CVE-2026-25806
PlaciPy (version 1.0.0) exposes potential IDOR-like authorization gaps on student records via GET /api/students/:email, PUT /api/students/:email/status, and DELETE /api/students/:email. The backend only enforces authentication (authenticateToken) and does not verify ownership, administrative/staf...
EUVD-2025-203285
A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/deletestudent.php. The manipulation of the argument studid results in sql injection. The attack may be performed from remote. The exploit has been released ...
CVE-2025-14646 code-projects Student File Management System delete_student.php sql injection
A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/deletestudent.php. The manipulation of the argument studid results in sql injection. The attack may be performed from remote. The exploit has been released ...
CVE-2025-14646
The CVE-2025-14646 entry describes a SQL injection in code-projects Student File Management System 1.0, triggered by manipulating the stud_id parameter in /admin/delete_student.php. Connected documents (CNVD-2026-00828, RH:CVE-2025-14646, CNNVD-202512-2597, VULNRICHMENT/CVE-2025-14646, PT-2025-51...
Code-Projects Student File Management System SQL注入漏洞
Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter studentid in the file /admin/deletestudent.php. An...
EUVD-2025-26229
Malicious code in bioql PyPI...
CVE-2025-10594
A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletestudent.php. Executing manipulation of the argument studid can lead to sql injection. It is possible to launch the attack remotely...
CVE-2025-10594
A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletestudent.php. Executing manipulation of the argument studid can lead to sql injection. It is possible to launch the attack remotely...
CVE-2025-10594
A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletestudent.php. Executing manipulation of the argument studid can lead to sql injection. It is possible to launch the attack remotely...
CVE-2025-10594 SourceCodester Online Student File Management System delete_student.php sql injection
A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletestudent.php. Executing manipulation of the argument studid can lead to sql injection. It is possible to launch the attack remotely...
CVE-2025-10594 SourceCodester Online Student File Management System delete_student.php sql injection
A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletestudent.php. Executing manipulation of the argument studid can lead to sql injection. It is possible to launch the attack remotely...
CVE-2025-10594
CVE-2025-10594 affects SourceCodester Online Student File Management System 1.0. The vulnerability is an SQL injection in the /admin/delete_student.php endpoint caused by unsafely manipulating the stud_id parameter, exploitable remotely. Multiple connected sources confirm the flaw; exploit is pub...
PT-2025-38154
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A SQL injection flaw exists in the /admin/delete student.php file due to manipulation of the stud id argument. This issue is remotely exploitable. The exploit has...
CVE-2025-9666
A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected by this issue is some unknown functionality of the file /deletestudent.php of the component Admin Panel. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely...
CVE-2025-9666
A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected by this issue is some unknown functionality of the file /deletestudent.php of the component Admin Panel. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely...
CVE-2025-9666 code-projects Simple Grading System Admin Panel delete_student.php sql injection
A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected by this issue is some unknown functionality of the file /deletestudent.php of the component Admin Panel. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely...
CVE-2025-9666
The CVE-2025-9666 entry concerns code-projects Simple Grading System 1.0 with an SQL injection in the Admin Panel’s /delete_student.php. The vulnerability arises from unsafely handling the ID parameter in delete_student.php, enabling remote attackers to manipulate SQL statements and potentially e...
CVE-2025-9666 code-projects Simple Grading System Admin Panel delete_student.php sql injection
A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected by this issue is some unknown functionality of the file /deletestudent.php of the component Admin Panel. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely...
Code-Projects Simple Grading System 安全漏洞
Simple Grading System is a simple grading system. Simple Grading System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /deletestudent.php. An attacker can exploit this vulnerability to execute...
CVE-2025-8494
A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /admin/deletestudent.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated...