391 matches found
SIMS 路径遍历漏洞
SIMS is a student and teacher information management tool developed by RawChen. Versions of SIMS 004f783b1db5ecdfad81c8fdc3b34171211112de and earlier have a path traversal vulnerability. This vulnerability stems from the handling of the filename parameter in the DeleteFileServlet endpoint...
CVE-2025-15053
A flaw has been found in code-projects Student Information System 1.0. This issue affects some unknown processing of the file /searchresults.php. Executing manipulation of the argument searchbox can lead to sql injection. The attack may be performed from remote. The exploit has been published and...
CVE-2025-15052
A vulnerability was detected in code-projects Student Information System 1.0. This vulnerability affects unknown code of the file /profile.php. Performing manipulation of the argument firstname/lastname results in cross site scripting. The attack is possible to be carried out remotely. The exploi...
CVE-2025-15052
A vulnerability was detected in code-projects Student Information System 1.0. This vulnerability affects unknown code of the file /profile.php. Performing manipulation of the argument firstname/lastname results in cross site scripting. The attack is possible to be carried out remotely. The exploi...
CVE-2025-15053
A flaw has been found in code-projects Student Information System 1.0. This issue affects some unknown processing of the file /searchresults.php. Executing manipulation of the argument searchbox can lead to sql injection. The attack may be performed from remote. The exploit has been published and...
CVE-2025-15053
A flaw has been found in code-projects Student Information System 1.0. This issue affects some unknown processing of the file /searchresults.php. Executing manipulation of the argument searchbox can lead to sql injection. The attack may be performed from remote. The exploit has been published and...
CVE-2025-15052
A vulnerability was detected in code-projects Student Information System 1.0. This vulnerability affects unknown code of the file /profile.php. Performing manipulation of the argument firstname/lastname results in cross site scripting. The attack is possible to be carried out remotely. The exploi...
CVE-2025-15053
CVE-2025-15053 affects code-projects Student Information System 1.0. The flaw is a SQL injection in the /searchresults.php processing of the searchbox parameter, exploitable remotely. Multiple sources confirm an exploit has been published. No concrete remediation/version fix is provided in the su...
CVE-2025-15053 code-projects Student Information System searchresults.php sql injection
A flaw has been found in code-projects Student Information System 1.0. This issue affects some unknown processing of the file /searchresults.php. Executing manipulation of the argument searchbox can lead to sql injection. The attack may be performed from remote. The exploit has been published and...
CVE-2025-15053 code-projects Student Information System searchresults.php sql injection
A flaw has been found in code-projects Student Information System 1.0. This issue affects some unknown processing of the file /searchresults.php. Executing manipulation of the argument searchbox can lead to sql injection. The attack may be performed from remote. The exploit has been published and...
CVE-2025-15052 code-projects Student Information System profile.php cross site scripting
A vulnerability was detected in code-projects Student Information System 1.0. This vulnerability affects unknown code of the file /profile.php. Performing manipulation of the argument firstname/lastname results in cross site scripting. The attack is possible to be carried out remotely. The exploi...
CVE-2025-15052 code-projects Student Information System profile.php cross site scripting
A vulnerability was detected in code-projects Student Information System 1.0. This vulnerability affects unknown code of the file /profile.php. Performing manipulation of the argument firstname/lastname results in cross site scripting. The attack is possible to be carried out remotely. The exploi...
CVE-2025-15052
CVE-2025-15052 affects code-projects Student Information System 1.0. The vulnerability resides in the file /profile.php, where manipulation of the firstname/lastname parameters enables cross-site scripting. This can be exploited remotely and there are public exploits. Multiple connected sources (...
Code-Projects Student Information System 代码注入漏洞
Code-Projects Student Information System is a Code-Projects open source student information system. A code injection vulnerability exists in Code-Projects Student Information System version 1.0, which originates from the incorrect manipulation of the parameter firstname/lastname in the file...
PT-2025-52866
Name of the Vulnerable Software and Affected Versions code-projects Student Information System version 1.0 Description A security issue exists in code-projects Student Information System 1.0. The issue involves cross site scripting, potentially allowing remote execution of malicious code...
PT-2025-52867
Name of the Vulnerable Software and Affected Versions code-projects Student Information System version 1.0 Description A flaw exists in the processing of the /searchresults.php file within the software. Manipulation of the searchbox argument can lead to SQL injection. The attack can be performed...
Code-Projects Student Information System SQL注入漏洞
Code-Projects Student Information System is a Code-Projects open source student information system. A SQL injection vulnerability exists in Code-Projects Student Information System version 1.0, which stems from an incorrect manipulation of the searchbox parameter in the file /searchresults.php,...
Open Solutions For Education openSIS 安全漏洞
Open Solutions For Education openSIS is an open source student information management system from Open Solutions For Education, USA. A security vulnerability exists in Open Solutions For Education openSIS version 9.2 and prior versions, which stems from improper access control and could lead to...
CVE-2025-14214
A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...
CVE-2025-14214
A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...