Lucene search
K

939 matches found

OSV
OSV
added 2025/12/30 1:15 a.m.5 views

CVE-2025-15213

A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument storeid leads to improper authorization. The attack is possible to be...

4.3CVSS5.5AI score0.00279EPSS
Exploits1References5
CVE
CVE
added 2025/12/30 1:2 a.m.16 views

CVE-2025-15213

The CVE concerns code-projects Student File Management System 1.0, specifically the File Download Handler’s file /download.php. The vulnerability stems from improper authorization caused by manipulating the store_id argument, enabling remote exploitation. Documentation consistently notes that the...

5.3CVSS6.5AI score0.00279EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/12/30 1:2 a.m.6 views

EUVD-2025-205679

A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument storeid leads to improper authorization. The attack is possible to be...

5.3CVSS6.3AI score0.00279EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.5 views

PT-2025-53831

Name of the Vulnerable Software and Affected Versions code-projects Student File Management System version 1.0 Description An improper authorization issue exists in the File Download Handler component of code-projects Student File Management System version 1.0. The issue is due to the manipulatio...

5.3CVSS6.2AI score0.00279EPSS
Exploits1References9
NVD
NVD
added 2025/12/29 9:15 p.m.4 views

CVE-2025-15205

A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istoreid leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

8.8CVSS0.00301EPSS
Exploits1References5
CVE
CVE
added 2025/12/29 9:2 p.m.15 views

CVE-2025-15205

CVE-2025-15205 affects code-projects’ Student File Management System 1.0. The vulnerability is a SQL injection in the file /download.php triggered by manipulating the istore_id parameter, allowing remote exploitation and potentially exposing or tampering with database information. Public exploit ...

8.8CVSS6.5AI score0.00301EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/12/29 9:2 p.m.24 views

CVE-2025-15205 code-projects Student File Management System download.php sql injection

A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istoreid leads to sql injection. The attack can be initiated remotely. The exploit is publicly...

6.5CVSS0.00301EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.5 views

PT-2025-53793

Name of the Vulnerable Software and Affected Versions code-projects Student File Management System version 1.0 Description A flaw exists in Student File Management System version 1.0 that allows for remote code execution. The issue is related to SQL injection within the /download.php file,...

8.8CVSS8.3AI score0.00301EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/12/25 12:34 a.m.7 views

CVE-2025-15050

A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...

8.8CVSS6.3AI score0.00289EPSS
Exploits1References1
CNVD
CNVD
added 2025/12/25 12:0 a.m.3 views

Student File Management System save_user.php File SQL Injection Vulnerability

Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter firstname in the file /admin/saveuser.php. An...

9.8CVSS7.9AI score0.00357EPSS
Exploits1References1
NVD
NVD
added 2025/12/24 1:16 a.m.8 views

CVE-2025-15050

A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...

8.8CVSS0.00289EPSS
Exploits1References6
OSV
OSV
added 2025/12/24 1:16 a.m.6 views

CVE-2025-15050

A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...

8.8CVSS5.5AI score0.00289EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/12/24 12:32 a.m.4 views

CVE-2025-15050 code-projects Student File Management System save_file.php unrestricted upload

A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...

6.5CVSS6.5AI score0.00289EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/12/24 12:32 a.m.29 views

CVE-2025-15050 code-projects Student File Management System save_file.php unrestricted upload

A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...

6.5CVSS0.00289EPSS
Exploits1References6
EUVD
EUVD
added 2025/12/24 12:32 a.m.4 views

EUVD-2025-205023

A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...

6.5CVSS6.3AI score0.00289EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.4 views

Code-Projects Student File Management System 代码问题漏洞

Code-Projects Student File Management System is an open source student file management system from Code-Projects. A code issue vulnerability exists in Code-Projects Student File Management System version 1.0, which stems from incorrect manipulation of the File parameter File in file/savefile.php,...

8.8CVSS6.6AI score0.00289EPSS
Exploits1References7
EUVD
EUVD
added 2025/12/18 12:34 a.m.6 views

EUVD-2023-60206

UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users...

5.4CVSS6AI score0.00304EPSS
Exploits1References4
CNVD
CNVD
added 2025/12/18 12:0 a.m.5 views

Student File Management System user_id Parameter SQL Injection Vulnerability

Student File Management System is a student file management system. A SQL injection vulnerability exists in Student File Management System, which originates from an incorrect manipulation of the parameter userid in the file /admin/deleteuser.php, and can be exploited by an attacker to obtain or...

9.8CVSS7.7AI score0.00357EPSS
Exploits1References1
CNVD
CNVD
added 2025/12/18 12:0 a.m.3 views

Student File Management System update_user.php File Cross-Site Scripting Vulnerability

Student File Management System is a student file management system. A cross-site scripting vulnerability exists in Student File Management System, which originates from an incorrect operation of the file /admin/updateuser.php, for which no detailed vulnerability details are currently available...

5.4CVSS4AI score0.00193EPSS
Exploits1References1
NVD
NVD
added 2025/12/17 11:15 p.m.10 views

CVE-2023-53925

UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users...

6.1CVSS0.00304EPSS
Exploits1References3
Rows per page
Query Builder