11 matches found
CVE-2025-10113
A security vulnerability has been detected in itsourcecode Student Information Management System 1.0. This affects an unknown function of the file /admin/modules/room/index.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has...
CVE-2025-10113
A security vulnerability has been detected in itsourcecode Student Information Management System 1.0. This affects an unknown function of the file /admin/modules/room/index.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has...
CVE-2025-10113 itsourcecode Student Information Management System index.php sql injection
A security vulnerability has been detected in itsourcecode Student Information Management System 1.0. This affects an unknown function of the file /admin/modules/room/index.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has...
CVE-2025-10113
CVE-2025-10113 affects itsourcecode Student Information Management System 1.0. The vulnerability is a SQL injection in /admin/modules/room/index.php caused by manipulation of the ID argument. Remote exploitation is possible, and the exploit has been publicly disclosed. Some sources note a workaro...
itsourcecode Student Information Management System SQL注入漏洞
itsourcecode Student Information Management System is itsourcecode open source student information management system. SQL injection vulnerability exists in itsourcecode Student Information Management System version 1.0, the vulnerability stems from incorrect manipulation of the parameter ID in th...
CVE-2022-22909
HotelDruid v3.0.3 was discovered to contain a remote code execution RCE vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module...
CVE-2015-8601
The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access restrictions and read messages from arbitrary Chat Rooms via unspecified vectors...
Remote Code Execution (RCE)
HotelDruid is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization allowing an attacker to insert a maliciously crafted payload into the name field under the Create New Room module...
CVE-2022-22909
HotelDruid v3.0.3 is affected by a remote code execution (RCE) vulnerability that can be triggered by inserting a crafted payload into the name field in the Create New Room module. The underlying issue arises from room names being stored in /var/www/html/hoteldruid/dati/selectappartamenti.php, a ...
CVE-2015-8601
The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access restrictions and read messages from arbitrary Chat Rooms via unspecified vectors...
CVE-2015-8601
CVE-2015-8601 affects the Drupal Chat Room module for Drupal 7.x (versions before 7.x-2.2). The vulnerability arises from insufficient permission checks when establishing a websocket for chat messages, enabling remote attackers to bypass access controls and read messages in arbitrary chat rooms v...