CVE-2026-10808

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown function of the file /managestudent.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be use...

EUVD-2026-34254

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown function of the file /managestudent.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be use...

CVE-2026-9471

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRSTNAME results in cross site scripting. The attack can be initiated remotely...

CVE-2026-9471

CVE-2026-9471 affects yashpokharna2555 StudentManagementSystem, specifically the /student.php file. The description states that manipulating the FIRST_NAME argument allows cross-site scripting, with remote initiation and a publicly available exploit. No product version details are provided. CVSS ...

PT-2026-43086

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRST NAME results in cross site scripting. The attack can be initiated remotely...

SB Admin 代码注入漏洞

SB Admin is a Bootstrap based open source admin backend template by Yash Pokharna individual developer. SB Admin suffers from a code injection vulnerability that stems from manipulation of the parameter FIRSTNAME in the file /student.php, which could lead to a cross-site scripting attack. An...

CVE-2026-4485

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/searchstudent.php. The manipulation of the argument Search leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-70147

Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information including plaintext password field values via direct HTTP GET requests to these endpoints without a valid session...

CVE-2025-70147

Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information including plaintext password field values via direct HTTP GET requests to these endpoints without a valid session...

Student File Management System /save_student.php File SQL Injection Vulnerability

Student File Management System is a student file management system. Student File Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter studentno in the file /admin/savestudent.php. An attacker...

EUVD-2025-203302

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-14663 code-projects Student File Management System update_student.php cross site scripting

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-14663 code-projects Student File Management System update_student.php cross site scripting

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

CVE-2025-10848

CVE-2025-10848 affects Campcodes Society Membership Information System 1.0. The vulnerability arises from improper handling of the parameter student_id in the file /check_student.php , enabling remote SQL injection . Multiple sources note the exploit is publicly available, indicating potential ac...

CVE-2025-10593

A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/updatestudent.php. Performing manipulation of the argument studid results in sql injection. It is possible to initiate the attack remotely. The exploit is n...

CVE-2025-9666

A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected by this issue is some unknown functionality of the file /deletestudent.php of the component Admin Panel. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely...

CVE-2025-9666

The CVE-2025-9666 entry concerns code-projects Simple Grading System 1.0 with an SQL injection in the Admin Panel’s /delete_student.php. The vulnerability arises from unsafely handling the ID parameter in delete_student.php, enabling remote attackers to manipulate SQL statements and potentially e...

School Fees Payment System student.php File Cross-Site Scripting Vulnerability

School Fees Payment System is a tuition payment system. School Fees Payment System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the sname/contact/about/emailid/transcationremark parameter of the student.php...

CVE-2024-7194

A vulnerability was found in itsourcecode Society Management System 1.0 and classified as critical. This issue affects some unknown processing of the file checkstudent.php. The manipulation of the argument studentid leads to sql injection. The attack may be initiated remotely. The exploit has bee...

CVE-2024-4926 SourceCodester School Intramurals Student Attendance Management System manage_student.php sql injection

A vulnerability was found in SourceCodester School Intramurals Student Attendance Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /intramssams/managestudent.php. The manipulation of the argument id leads to sql injection. It is possible to...