662 matches found
CVE-2026-10167
A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function signauthcookie of the file application/controllers/Login.php of the component MYController. Executing a manipulation of the argumen...
CVE-2026-10167
CVE-2026-10167 affects the OUSL-GROUP-BrinaryBrains School Student Management System, specifically the MY_Controller component’s Login.php, function sign_auth_cookie. A manipulation of the role argument can lead to improper authentication, with remote exploitation possible. Public exploit exists....
EUVD-2026-33487
A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function signauthcookie of the file application/controllers/Login.php of the component MYController. Executing a manipulation of the argumen...
PT-2026-45170
A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function sign auth cookie of the file application/controllers/Login.php of the component MY Controller. Executing a manipulation of the...
PT-2026-45172
A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajax forgot password of the file application/controllers/Login.php of the component Forgot Password Endpoint. Th...
CVE-2026-10112
A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2026-10111
A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Login Page. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The...
CVE-2026-10112
A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2026-10112 sambitraj STUDENT-MANAGEMENT-SYSTEM Dashboard cross site scripting
A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2026-10112 sambitraj STUDENT-MANAGEMENT-SYSTEM Dashboard cross site scripting
A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
EUVD-2026-33451
A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2026-10112
CVE-2026-10112: Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-10111 sambitraj STUDENT-MANAGEMENT-SYSTEM Login Page sql injection
A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Login Page. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The...
CVE-2026-10111
CVE-2026-10111 affects the sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0 Login Page. The vulnerability occurs when manipulating the argument email , which can lead to SQL injection . It is exploitable remotely and the exploit has been published. The issue was reported to the project early via an issue ...
CVE-2026-10111 sambitraj STUDENT-MANAGEMENT-SYSTEM Login Page sql injection
A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Login Page. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The...
EUVD-2026-33450
A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Login Page. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The...
CVE-2026-10111
A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Login Page. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The...
PT-2026-45076
A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
PT-2026-45075
Name of the Vulnerable Software and Affected Versions sambitraj STUDENT-MANAGEMENT-SYSTEM version 1.0 Description A remote SQL injection exists within the Login Page component. This occurs when the email argument is manipulated, allowing an attacker to interfere with the database queries...
Student-Management-System 代码注入漏洞
Student-Management-System is an open-source student information management system developed by Cyber-III. Version 1.0 of STUDENT-MANAGEMENT-SYSTEM contains a code injection vulnerability. This vulnerability stems from the Name parameter on the dashboard page, which contains cross-site scripting,...