Code-Projects School Fees Payment System 1.0 - SQL Injection

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2023-49986

A cross-site scripting XSS vulnerability in the component /admin/parent of School Fees Management System 1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...

CVE-2023-49981

A directory listing vulnerability in School Fees Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization...

CVE-2023-49985

A cross-site scripting XSS vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter...

CVE-2023-49987

A cross-site scripting XSS vulnerability in the component /management/term of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tname parameter...

VulnCheck KEV: CVE-2025-6403

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

School Fees Payment Management System /ajax.php?action=login File SQL Injection Vulnerability

School Fees Payment Management System is a tuition payment management system. The School Fees Payment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement for the parameter Username in the file...

School Fees Payment Management System /ajax.php?action=save_course File SQL Injection Vulnerability

School Fees Payment Management System is a tuition payment management system. The School Fees Payment Management System suffers from a SQL injection vulnerability that originates from a lack of validation of an externally entered SQL statement in the parameter ID of the file...

CVE-2025-13274

A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=deletefees. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The...

CVE-2025-13273

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepayment. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be...

CVE-2025-13271

A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=login. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2025-13272

A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Affected is an unknown function of the file /managecourse.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be us...

CVE-2025-13269

A vulnerability has been found in Campcodes School Fees Payment Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=savepayment. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-13270

A vulnerability was found in Campcodes School Fees Payment Management System 1.0. This affects an unknown function of the file /ajax.php?action=savecourse. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could...

CVE-2025-13274

A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=deletefees. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The...

CVE-2025-13274

A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=deletefees. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The...

CVE-2025-13273

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepayment. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be...

CVE-2025-13273

A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepayment. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be...

CVE-2025-13274

CVE-2025-13274 affects Campcodes School Fees Payment Management System 1.0. The vulnerability is a SQL injection in the /ajax.php?action=delete_fees handler, caused by manipulation of the ID parameter. It can be exploited remotely and an exploit has been made public. The available connected docum...

EUVD-2025-197782

A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=deletefees. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The...