CVE-2022-2698 SourceCodester Simple E-Learning System search.php sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be launched remotely. The...

CVE-2022-2698 SourceCodester Simple E-Learning System search.php sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be launched remotely. The...

CVE-2022-2697

SourceCodester Simple E-Learning System is affected by a SQL injection in the comment_frame.php file, via the post_id parameter. The vulnerability arises from an unknown function and can be exploited remotely; the exploit has been disclosed publicly. The identifier VDB-205818 is associated with t...

CVE-2022-2697 SourceCodester Simple E-Learning System comment_frame.php sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file commentframe.php. The manipulation of the argument postid leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...

PT-2022-18158 · Sourcecodester · Sourcecodester Simple E-Learning System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple E-Learning System affected versions not specified Description: A critical issue has been found in the SourceCodester Simple E-Learning System, affecting an unknown functionality of the file search.php. The manipulation o...

Sql injection

A vulnerability classified as critical was found in SourceCodester Simple E-Learning System. Affected by this vulnerability is an unknown functionality of the file classroom.php. The manipulation of the argument postid leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2022-2665

SourceCodester Simple E-Learning System contains a SQL injection vulnerability in the classroom.php handling of the post_id parameter. The flaw allows remote exploitation and is documented as disclosed publicly (VDB-205615). Affected component is an unknown functionality of classroom.php; the spe...

CVE-2022-2665 SourceCodester Simple E-Learning System classroom.php sql injection

A vulnerability classified as critical was found in SourceCodester Simple E-Learning System. Affected by this vulnerability is an unknown functionality of the file classroom.php. The manipulation of the argument postid leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2022-2665 SourceCodester Simple E-Learning System classroom.php sql injection

A vulnerability classified as critical was found in SourceCodester Simple E-Learning System. Affected by this vulnerability is an unknown functionality of the file classroom.php. The manipulation of the argument postid leads to sql injection. The attack can be launched remotely. The exploit has...

Simple E-Learning System classRoom.php SQL Injection Vulnerability

Simple e-Learning System is a simple e-learning system from Carlo Montero's personal developer. version v1.0 of Simple E-Learning System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the classRoom.php file. An attacker could use the...

CVE-2022-2489

A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...

Sql injection

A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...

Sql injection

A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...

CVE-2022-2490 SourceCodester Simple E-Learning System search.php sql injection

A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...

CVE-2022-2490 SourceCodester Simple E-Learning System search.php sql injection

A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...

CVE-2022-2490

CVE-2022-2490 affects SourceCodester Simple E-Learning System 1.0. The vulnerability is a SQL injection in an unknown function of the file search.php , triggered by manipulating the parameter classCode (example payload includes 1'||(SELECT 0x74666264 …)). Exploitation is possible remotely, and pu...

CVE-2022-2489 SourceCodester Simple E-Learning System classRoom.php sql injection

A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...

CVE-2022-2489 SourceCodester Simple E-Learning System classRoom.php sql injection

A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...

CVE-2022-2489

SourceCodester Simple E-Learning System 1.0 contains a SQL injection in classRoom.php via crafted input of the classCode parameter (e.g., 1'||(SELECT ...)). The vulnerability is remote-exploitable and has a CVSSv3.1 base score of 8.8 (HIGH) per NVD, with high impact on confidentiality, integrity,...

Simple e-Learning System Cross-Site Scripting Vulnerability

Simple e-Learning System is a simple e-learning system from Carlo Montero's personal developer. version 1.0 of Simple e-Learning System is vulnerable to a cross-site scripting vulnerability that stems from the lack of a Bio parameter in the file /vcs/claireblake to filter the user-supplied data a...