PT-2023-21011 · Unknown · Online Student Management System

Name of the Vulnerable Software and Affected Versions: Online Student Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the searchdata parameter at the "/eduauth/student/search.php" API endpoint...

CVE-2023-27213

Online Student Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /eduauth/student/search.php...

Student Management System SQL注入漏洞

Student Management System is a simple web-based student management software by Sk.Amir Hamza, an individual developer from Bangladesh. A security vulnerability exists in Online Student Management System v1.0, which originates from a SQL injection vulnerability via the searchdata parameter of...

CVE-2023-1099

A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be launch...

Sql injection

A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be launch...

CVE-2023-1099 SourceCodester Online Student Management System edit-class-detail.php sql injection

A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be launch...

CVE-2023-1099 SourceCodester Online Student Management System edit-class-detail.php sql injection

A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be launch...

Broken Access Control

Vulnerability Broken Access Control Issue Description: • Access control is the way how a web application grants access to content and functions to some users and not others. • These checks are performed after authentication and govern what ‘authorized’ users are allowed to do. • Jeffrey discovere...

CVE-2022-2876

A vulnerability, which was classified as critical, was found in SourceCodester Student Management System. Affected is an unknown function of the file index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

Sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Student Management System. Affected is an unknown function of the file index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2022-2876

The CVE-2022-2876 entry concerns SourceCodester Student Management System, where an SQL injection is possible via manipulating the id parameter in index.php. The vulnerability is exploitable remotely and was disclosed publicly; affected is an unknown function in index.php. Connected sources corro...

CVE-2022-2876 SourceCodester Student Management System index.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Student Management System. Affected is an unknown function of the file index.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

Student Management System SQL注入漏洞

Student Management System is a simple web-based student management software from Sk.Amir Hamza, an individual developer in Bangladesh. Student Management System suffers from a SQL injection vulnerability that stems from the operation parameter id that causes sql injection...

PT-2022-19213 · Sourcecodester · Sourcecodester Student Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Management System affected versions not specified Description: A critical issue was found in the SourceCodester Student Management System, affecting an unknown function of the file index.php. The manipulation of the id...

CVE-2021-33371

A stored cross-site scripting XSS vulnerability in /navbaraction.php of Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box...

Cross site scripting

A stored cross-site scripting XSS vulnerability in /navbaraction.php of Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box...

CVE-2021-33371

CVE-2021-33371 is a stored XSS in Student Management System v1.0 caused by unsanitized input in /nav_bar_action.php (Chat box). Multiple connected sources confirm the vulnerable endpoint and payload injection as the attack vector, leading to execution of arbitrary client-side scripts. Affected so...

Student Management System 跨站脚本漏洞

Student Management System is a simple web-based student management software by the individual developer of Sk.Amir Hamza, Bangladesh. A security vulnerability exists in Student Management System version v1.0, which originates in navbaraction.php and allows attackers to execute arbitrary web scrip...

PT-2022-10231 · Unknown · Student Management System

Name of the Vulnerable Software and Affected Versions: Student Management System version 1.0 Description: A stored cross-site scripting XSS issue in the "/nav bar action.php" API endpoint allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box...

Student Management System 1.0 - SQLi Authentication Bypass

Exploit Title: Student Management System 1.0 - SQLi Authentication Bypass Date: 2020-07-06 Exploit Author: Enes Özeser Vendor Homepage: https://www.sourcecodester.com/php/14268/student-management-system.html Version: 1.0 Tested on: Windows & WampServer CVE: CVE-2020-23935 1- Go to following url...