932 matches found
CVE-2025-15205 code-projects Student File Management System download.php sql injection
A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istoreid leads to sql injection. The attack can be initiated remotely. The exploit is publicly...
PT-2025-53793
Name of the Vulnerable Software and Affected Versions code-projects Student File Management System version 1.0 Description A flaw exists in Student File Management System version 1.0 that allows for remote code execution. The issue is related to SQL injection within the /download.php file,...
CVE-2025-15050
A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...
Student File Management System save_user.php File SQL Injection Vulnerability
Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter firstname in the file /admin/saveuser.php. An...
CVE-2025-15050
A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...
CVE-2025-15050
A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...
CVE-2025-15050 code-projects Student File Management System save_file.php unrestricted upload
A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...
CVE-2025-15050 code-projects Student File Management System save_file.php unrestricted upload
A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...
EUVD-2025-205023
A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...
Code-Projects Student File Management System 代码问题漏洞
Code-Projects Student File Management System is an open source student file management system from Code-Projects. A code issue vulnerability exists in Code-Projects Student File Management System version 1.0, which stems from incorrect manipulation of the File parameter File in file/savefile.php,...
EUVD-2023-60206
UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users...
Student File Management System user_id Parameter SQL Injection Vulnerability
Student File Management System is a student file management system. A SQL injection vulnerability exists in Student File Management System, which originates from an incorrect manipulation of the parameter userid in the file /admin/deleteuser.php, and can be exploited by an attacker to obtain or...
Student File Management System update_user.php File Cross-Site Scripting Vulnerability
Student File Management System is a student file management system. A cross-site scripting vulnerability exists in Student File Management System, which originates from an incorrect operation of the file /admin/updateuser.php, for which no detailed vulnerability details are currently available...
CVE-2023-53925
UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users...
CVE-2023-53925
UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users...
CVE-2023-53925 UliCMS 2023.1 Stored Cross-Site Scripting via SVG File Upload
UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users...
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks
A new distributed denial-of-service DDoS botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISURU, according to findings from QiAnXin XLab...
PT-2025-51963
Name of the Vulnerable Software and Affected Versions UliCMS version 2023.1 Description The software contains a stored cross-site scripting issue that enables attackers to upload malicious SVG files containing JavaScript. Attackers can upload these crafted SVG files through the file management...
CVE-2025-14662
A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/updateuser.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made...
CVE-2025-14663
A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...