Lucene search
K

21 matches found

EUVD
EUVD
added 7 hours ago6 views

EUVD-2026-41793

A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajaxenroll.php of the component Enrollment Management. The manipulation of the argument studentid/scheduleid/action leads to improper...

7.5CVSS6.6AI score
Exploits0References7
CVE
CVE
added yesterday9 views

CVE-2026-14778

The CVE concerns SourceCodester Onlne Examination & Learning Management System 1.0. The vulnerability is in the Enrollment Management component, specifically the /ajax_enroll.php file, where manipulation of the arguments student_id, schedule_id, or action leads to improper authorization. This all...

7.5CVSS6.6AI score
Exploits0References6
NVD
NVD
added 6 days ago9 views

CVE-2026-58165

OpenZiti through 2.0.0, fixed in commit 3027fdf, contains a privilege escalation vulnerability that allows authenticated non-admin identities with fine-grained enrollment management permissions to create enrollments for any identity, including the default administrator, because the ApplyCreate...

8.8CVSS0.00244EPSS
Exploits0References4
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-58165 OpenZiti - Privilege Escalation to Admin via Unauthorized Enrollment Creation

OpenZiti through 2.0.0, fixed in commit 3027fdf, contains a privilege escalation vulnerability that allows authenticated non-admin identities with fine-grained enrollment management permissions to create enrollments for any identity, including the default administrator, because the ApplyCreate...

8.8CVSS0.00244EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40371

OpenZiti through 2.0.0, fixed in commit 3027fdf, contains a privilege escalation vulnerability that allows authenticated non-admin identities with fine-grained enrollment management permissions to create enrollments for any identity, including the default administrator, because the ApplyCreate...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-53916

Name of the Vulnerable Software and Affected Versions OpenZiti versions prior to 2.0.1 Description A privilege escalation flaw exists in the controller enrollment management path. An authenticated non-admin identity with fine-grained enrollment management permissions can create enrollments for an...

8.8CVSS6AI score0.00244EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-27753

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.01477EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-27752

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.01635EPSS
Exploits4References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-27754

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00843EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-31421

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01214EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:48 p.m.7 views

CVE-2021-40579

https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges remote...

6.5CVSS7.4AI score0.00843EPSS
Exploits0
OSV
OSV
added 2021/12/28 12:15 p.m.4 views

CVE-2021-40579

https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges remote...

6.5CVSS6.7AI score0.00843EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/12/28 11:59 a.m.21 views

CVE-2021-40579

https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges remote...

7.1AI score0.00843EPSS
Exploits0References2
CNVD
CNVD
added 2021/12/27 12:0 a.m.15 views

Online Enrollment Management System SQL Injection Vulnerability

Online Enrollment Management System is an open source online enrollment management system. Online Enrollment Management System version 1.0 contains a SQL injection vulnerability that stems from the lack of effective filtering and escaping of the id parameter, which could be exploited to retrieve...

7.5CVSS2.6AI score0.01214EPSS
Exploits1References1
NVD
NVD
added 2021/12/23 1:15 p.m.10 views

CVE-2021-44599

The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with...

7.5CVSS0.01214EPSS
Exploits1References1
Prion
Prion
added 2021/12/23 1:15 p.m.11 views

Sql injection

The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with...

5CVSS7.6AI score0.01214EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/12/23 12:31 p.m.35 views

CVE-2021-44599

CVE-2021-44599 affects Online Enrollment Management System 1.0. The issue is a SQL injection in the id parameter, where a crafted payload can invoke MySQL load_file via a UNC path referencing an external URL, with the app interacting with that domain, indicating query execution. Root cause: lack ...

7.5CVSS7.5AI score0.01214EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/12/23 12:31 p.m.15 views

CVE-2021-44599

The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with...

7.8AI score0.01214EPSS
Exploits1References1
NVD
NVD
added 2021/11/08 6:15 p.m.21 views

CVE-2021-40577

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter...

5.4CVSS0.01635EPSS
Exploits4References2
CVE
CVE
added 2021/11/08 5:45 p.m.63 views

CVE-2021-40577

CVE-2021-40577 is a stored XSS vulnerability in the Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, affecting the Add-Users page via the Name parameter. The issue arises from storing unsanitized input that is later reflected, enabling a persistent script...

5.4CVSS5.4AI score0.01635EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder