CVE-2023-3008

CVE-2023-3008 affects ningzichun Student Management System 1.0, specifically the login.php file. The vulnerability is a SQL injection caused by manipulation of the user/pass parameter, exploitable remotely, with public disclosures of exploits. Multiple sources in the connected set confirm the sam...

CVE-2023-3007

The CVE-2023-3007 entry concerns ningzichun Student Management System 1.0. The vulnerability affects the Password Reset Handler’s resetPassword.php, where manipulating the sid parameter leads to weak password recovery. A remote attacker could exploit this, and public disclosure has occurred. Docu...

CVE-2023-3007 ningzichun Student Management System Password Reset resetPassword.php password recovery

A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the component Password Reset Handler. The manipulation of the argument sid leads to weak password recovery. T...

Student Management System 授权问题漏洞

Student Management System is a simple web-based student management software from Sk.Amir Hamza, an individual developer in Bangladesh. An authorization issue vulnerability exists in Student Management System version 1.0, which stems from an incorrect manipulation of the parameter sid that can lea...

Student Management System SQL注入漏洞

Student Management System is a simple web-based student management software by the individual developer of Sk.Amir Hamza, Bangladesh. A SQL injection vulnerability exists in version 1.0 of the ningzichun Student Management System, which stems from an incorrect manipulation of the parameter...

CVE-2023-1397

CVE-2023-1397 affects SourceCodester Online Student Management System v1.0. The vulnerability is in profile.php where manipulating the adminname parameter triggers a cross-site scripting (XSS) flaw. It can be exploited remotely and, per sources, the exploit has been disclosed publicly. Impact is ...

CVE-2023-1397 SourceCodester Online Student Management System profile.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester Online Student Management System 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack remotely. The...

Student Management System 跨站脚本漏洞

Student Management System is a simple web-based student management software from the individual developer Sk.Amir Hamza, Bangladesh. A cross-site scripting vulnerability exists in SourceCodester Online Student Management System version 1.0, which stems from incorrect manipulation of the parameter...

CVE-2023-27213

Online Student Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /eduauth/student/search.php...

CVE-2023-27213

Online Student Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /eduauth/student/search.php...

CVE-2023-27214

Online Student Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the fromdate and todate parameters at /eduauth/student/between-date-reprtsdetails.php...

Sql injection

Online Student Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the fromdate and todate parameters at /eduauth/student/between-date-reprtsdetails.php...

Sql injection

Online Student Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /eduauth/student/search.php...

CVE-2023-27214

Online Student Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the fromdate and todate parameters at /eduauth/student/between-date-reprtsdetails.php...

CVE-2023-27213

CVE-2023-27213 affects Online Student Management System v1.0. The vulnerability is a SQL injection in the searchdata parameter of /eduauth/student/search.php, enabling unauthorized access to data due to improper input handling. The CVSS indicates high impact (Confidentiality/Integrity/Availabilit...

CVE-2023-27214

CVE-2023-27214 affects Online Student Management System v1.0, with multiple SQL injection vulnerabilities exploitable via the fromdate and todate parameters in /eduauth/student/between-date-reprtsdetails.php. Root cause: inadequate input handling allowing injection into SQL queries. Reported impa...

PT-2023-21012 · Unknown · Online Student Management System

Name of the Vulnerable Software and Affected Versions: Online Student Management System version 1.0 Description: The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities can be exploited via the fromdate and todate parameters at the...

CVE-2023-27213

Online Student Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /eduauth/student/search.php...

Student Management System SQL注入漏洞

Student Management System is a simple web-based student management software by Sk.Amir Hamza, an individual developer from Bangladesh. A security vulnerability exists in Online Student Management System v1.0, which originates from a SQL injection vulnerability via the searchdata parameter of...

CVE-2023-27214

Online Student Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the fromdate and todate parameters at /eduauth/student/between-date-reprtsdetails.php...