Student File Management System update_user.php File Cross-Site Scripting Vulnerability

Student File Management System is a student file management system. A cross-site scripting vulnerability exists in Student File Management System, which originates from an incorrect operation of the file /admin/updateuser.php, for which no detailed vulnerability details are currently available...

CVE-2025-14645

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown function of the file /admin/deleteuser.php. The manipulation of the argument userid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2025-14619

A vulnerability was found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file loginquery.php. Performing manipulation of the argument studno results in sql injection. The attack may be initiated remotely. The exploit has been...

EUVD-2025-203299

A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/updateuser.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made...

EUVD-2025-203302

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-14663

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-14663

The CVE-2025-14663 entry relates to code-projects' Student File Management System 1.0 and an XSS vulnerability in the /admin/update_student.php endpoint. The connected CNVD/NVD entries corroborate a cross-site scripting flaw arising from insufficient input filtering/escaping of user-supplied data...

CVE-2025-14640

Affects Code-Projects Student File Management System 1.0. The vulnerability is an SQL injection in the /admin/save_student.php handler, triggered by manipulating the stud_no (or student_no) parameter due to lack of input validation. This can be exploited remotely (attack vector NETWORK) and may a...

CVE-2025-14620 code-projects Student File Management System login_query.php sql injection

A vulnerability was determined in code-projects Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/loginquery.php. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit h...

PT-2025-51130

Name of the Vulnerable Software and Affected Versions code-projects Student File Management System version 1.0 Description A security flaw exists in code-projects Student File Management System 1.0. The issue affects unknown code within the file /admin/save user.php. Manipulation of the firstname...

Code-Projects Student File Management System SQL注入漏洞

Student File Management System is a student file management system. The Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter studentid in the file /admin/updatestudent.php. An...

PT-2025-38154

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A SQL injection flaw exists in the /admin/delete student.php file due to manipulation of the stud id argument. This issue is remotely exploitable. The exploit has...