237 matches found
CVE-2026-3403
A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-3403
A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-3403
Affected software: PHPGurukul Student Record Management System 1.0. Vulnerability: cross-site scripting via /edit-subject.php when the Subject parameter is manipulated. Root cause: unknown processing of the file leads to XSS. Impact: remote attacker can induce script execution; CVSS metrics indic...
CVE-2026-3403
A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-3403 PHPGurukul Student Record Management System edit-subject.php cross site scripting
A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-3403 PHPGurukul Student Record Management System edit-subject.php cross site scripting
A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-3402 PHPGurukul Student Record Management System edit-course.php cross site scripting
A security vulnerability has been detected in PHPGurukul Student Record Management System up to 1.0. This vulnerability affects unknown code of the file /edit-course.php. Such manipulation of the argument Course Short Name leads to cross site scripting. The attack can be executed remotely. The...
EUVD-2026-9135
A security vulnerability has been detected in PHPGurukul Student Record Management System up to 1.0. This vulnerability affects unknown code of the file /edit-course.php. Such manipulation of the argument Course Short Name leads to cross site scripting. The attack can be executed remotely. The...
CVE-2026-3402
CVE-2026-3402 affects PHPGurukul Student Record Management System up to version 1.0. The vulnerability targets the /edit-course.php code path, where manipulation of the Course Short Name argument enables cross-site scripting. Exploitation is remote and the exploit has been publicly disclosed. CVS...
CVE-2026-3402
A security vulnerability has been detected in PHPGurukul Student Record Management System up to 1.0. This vulnerability affects unknown code of the file /edit-course.php. Such manipulation of the argument Course Short Name leads to cross site scripting. The attack can be executed remotely. The...
PT-2026-22525
A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The...
PT-2026-22524
A security vulnerability has been detected in PHPGurukul Student Record Management System up to 1.0. This vulnerability affects unknown code of the file /edit-course.php. Such manipulation of the argument Course Short Name leads to cross site scripting. The attack can be executed remotely. The...
CVE-2026-25806
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT /api/students/:email/status, and DELETE /api/students/:email routes in backend/src/routes/student.routes.ts only enforce authentication using authenticateToken but do...
CVE-2025-1902
A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has...
Student Record System manage-students.php Component Cross-Site Request Forgery Vulnerability
Student Record System is a software application. Student Record System suffers from a cross-site request forgery vulnerability that stems from the manage-students.php component not adequately verifying that a request is from a trusted user, which could be exploited by an attacker to cause...
CVE-2025-63955
A Cross-Site Request Forgery CSRF vulnerability in the manage-students.php component of PHPGurukul Student Record System v3.2 allows an attacker to trick an authenticated administrator into submitting a forged request. This leads to the unauthorized deletion of user accounts, causing a Denial of...
CVE-2025-63955
A Cross-Site Request Forgery CSRF vulnerability in the manage-students.php component of PHPGurukul Student Record System v3.2 allows an attacker to trick an authenticated administrator into submitting a forged request. This leads to the unauthorized deletion of user accounts, causing a Denial of...
Student Record System admin-profile.php file cross-site scripting vulnerability
Student Record System is a software application. Student Record System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the adminname and aemailid parameters of admin-profile.php, which can be exploited to...
Student Record System password-recovery.php File SQL Injection Vulnerability
Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements for the id and emailid parameters in password-recovery.php. An attacker can exploit this vulnerability to...
Student Record System change-password.php File SQL Injection Vulnerability
Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from a lack of validation of the currentpassword parameter in change-password.php against an externally entered SQL statement. An attacker can exploit this vulnerability to...