123 matches found
CVE-2026-11333
A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboardpage/forms/uploadstudentdata.php of the component Student Data...
CVE-2026-11333
A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboardpage/forms/uploadstudentdata.php of the component Student Data...
CVE-2026-11333 tittuvarghese CollegeManagementSystem Student Data Upload Endpoint upload_student_data.php unrestricted upload
A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboardpage/forms/uploadstudentdata.php of the component Student Data...
CVE-2026-11333
A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboardpage/forms/uploadstudentdata.php of the component Student Data...
EUVD-2026-34835
A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboardpage/forms/uploadstudentdata.php of the component Student Data...
CVE-2026-11333 tittuvarghese CollegeManagementSystem Student Data Upload Endpoint upload_student_data.php unrestricted upload
A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboardpage/forms/uploadstudentdata.php of the component Student Data...
CVE-2026-11333
CVE-2026-11333 affects the tittuvarghese CollegeManagementSystem. The vulnerability is in an unknown function within the dashboard_page/forms/upload_student_data.php component of the Student Data Upload Endpoint. Manipulation of the Student-Data-CSV argument enables unrestricted file upload, with...
PT-2026-46959
A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboard page/forms/upload student data.php of the component Student Data...
CollegeManagementSystem 代码问题漏洞
CollegeManagementSystem is a comprehensive management system for college students and academic administration, developed by Tittu Varghese. There are code vulnerabilities in CollegeManagementSystem. These vulnerabilities stem from improper handling of the Student-Data-CSV parameter in the...
CVE-2026-47324
ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting XSS in multiple attributes of students and teachers objects. An authorized attacker e.g., a teacher or administrator can inject malicious JavaScript that is subsequently executed in other users’ browsers...
EUVD-2026-34093
ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting XSS in multiple attributes of students and teachers objects. An authorized attacker e.g., a teacher or administrator can inject malicious JavaScript that is subsequently executed in other users’ browsers...
CVE-2026-47324 Stored XSS in Multiple Points in ProjectsAndPrograms school-management-system
ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting XSS in multiple attributes of students and teachers objects. An authorized attacker e.g., a teacher or administrator can inject malicious JavaScript that is subsequently executed in other users’ browsers...
school-management-system 跨站脚本漏洞
School-Management-System is a PHP-based school management system developed by Shubham Kumar, an individual developer. The school-management-system has a cross-site scripting vulnerability. This vulnerability stems from multiple attributes of student and teacher objects that contain stored...
PT-2026-45942
ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting XSS in multiple attributes of students and teachers objects. An authorized attacker e.g., a teacher or administrator can inject malicious JavaScript that is subsequently executed in other users’ browsers...
Millions of students’ personal data stolen in major education breach
Instructure, the company behind the Canvas learning management system LMS, confirmed a cyber incident and subsequent data breach affecting its cloud‑hosted environment. The ShinyHunters ransomware group claims it is behind the attack and says it stole roughly 275 million records tied to students,...
CVE-2025-67259
A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 where an authenticated low-privileged "student" user can access unauthorized course-level information by modifying intercepted API requests. Changing a captured POST request to a GET request against the /rest/v1/course PostgREST...
Exploit for CVE-2026-35678
Vulnerability Research Report: All Eduplus ERP Insecure Direct...
BIT-MOODLE-2025-3627 Moodle: partial data exposure in moodle before completing multi-factor authentication
A security vulnerability was discovered in Moodle that allows some users to access sensitive information about other students before they finish verifying their identities using two-factor authentication 2FA...
CVE-2025-13679
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getorderbyid function in all versions up to, and including, 3.9.3. This makes it possible for authenticated attackers, with...
CVE-2025-65594
OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users...