Lucene search
K

611 matches found

CNVD
CNVD
added 2021/03/22 12:0 a.m.1 views

Unauthorized Access Vulnerability in the Intelligent Management System for Innovative Training for Prefectural Students

Pioneer's Great Student Innovation Training Intelligent Management System is a set of management system that runs through the whole set of operation process of college students' innovation training program. An unauthorized access vulnerability exists in the system, which can be exploited by...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/01/29 12:0 a.m.5 views

Information leakage vulnerability in the student work management information system of Zhengfang Software Co.(CNVD-2021-12847)

Ltd. is a software enterprise and high-tech enterprise specializing in consulting, planning, construction and service in the field of university education informatization. There is an information leakage vulnerability in the student work management information system of Zhengfang Software Co., Lt...

6.6AI score
Exploits0
NVD
NVD
added 2020/12/08 2:15 p.m.18 views

CVE-2020-25955

SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored a cross-site scripting XSS via the 'add subject' tab...

5.4CVSS5.3AI score0.00929EPSS
Exploits2References4
CVE
CVE
added 2020/12/08 1:5 p.m.39 views

CVE-2020-25955

Affected software: SourceCodester Student Management System Project in PHP version 1.0. The CVE-2020-25955 entry describes a stored XSS vulnerability exploitable through the add subject tab. Root cause: input entered via the tab is stored and subsequently reflected, enabling script execution. Imp...

5.4CVSS5.2AI score0.00929EPSS
Exploits2References4Affected Software1
Packet Storm
Packet Storm
added 2020/12/08 12:0 a.m.340 views

Student Management System Project PHP 1.0 Cross Site Scripting

For CVE-2020-25955: Exploit Title: student management system project PHP - Stored cross-site scripting Exploit Author: Krishna Yadav Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14443/student-management-system-project-php.html Version: 1.0 Test...

5.6AI score0.00929EPSS
Exploits2
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.7 views

SourceCodester Student Management System Project Cross-Site Scripting Vulnerability

SourceCodester Student Management System is a set of online student management system from SourceCodester, Inc. in the United States. The system provides student information management, announcement management, course management and other functions. A cross-site scripting vulnerability exists in...

5.4CVSS5.9AI score0.00929EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2020/12/08 12:0 a.m.5 views

PT-2020-16256 · Sourcecodester · Sourcecodester Student Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Management System Project in PHP version 1.0 Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability can be exploited via the 'add subject' tab, allowing for stored XSS attacks...

5.4CVSS5.2AI score0.00929EPSS
Exploits2References10
CNVD
CNVD
added 2020/08/21 12:0 a.m.2 views

Student Management System Authentication Bypass Vulnerability

Student Management System is an online student management system that helps schools manage and track information about each student. An authentication bypass vulnerability exists in Student Management System 1.0. The vulnerability can be exploited to bypass authentication via "Username: admin' &&...

9.8CVSS7AI score0.15926EPSS
Exploits6References1
NVD
NVD
added 2020/08/20 3:15 p.m.27 views

CVE-2020-23935

Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin' && Password: Write Something"...

9.8CVSS9.4AI score0.15926EPSS
Exploits6References2
OSV
OSV
added 2020/08/20 3:15 p.m.5 views

CVE-2020-23935

Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin' && Password: Write Something"...

9.8CVSS7.3AI score0.15926EPSS
Exploits6References2
Prion
Prion
added 2020/08/20 3:15 p.m.12 views

Authentication flaw

Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin' && Password: Write Something"...

7.5CVSS9.4AI score0.15926EPSS
Exploits6References2Affected Software1
CVE
CVE
added 2020/08/20 2:9 p.m.66 views

CVE-2020-23935

CVE-2020-23935 affects Kabir Alhasan Student Management System 1.0. An authentication bypass is possible via a crafted login payload, e.g., Username: admin'# and any Password, allowing bypass of the login check through the admin path (process.php). Multiple sources corroborate an SQLi- or bypass-...

9.8CVSS9.3AI score0.15926EPSS
Exploits6References2Affected Software1
Cvelist
Cvelist
added 2020/08/20 2:9 p.m.26 views

CVE-2020-23935

Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin' && Password: Write Something"...

9.5AI score0.15926EPSS
Exploits6References2
Positive Technologies
Positive Technologies
added 2020/08/20 12:0 a.m.10 views

PT-2020-15601 · Kabir Alhasan · Kabir Alhasan Student Management System

Name of the Vulnerable Software and Affected Versions: Kabir Alhasan Student Management System version 1.0 Description: The issue allows for Authentication Bypass. An attacker can exploit this by using a specific combination of username and password, such as 'admin', to bypass authentication...

9.8CVSS7.3AI score0.15926EPSS
Exploits6References5
CNVD
CNVD
added 2016/10/12 12:0 a.m.1 views

SQL Injection Vulnerability in the Student Management System wjgl_xx.asp Page of Shanxi Huaxing TechSoft Co.

Student Management System is a software application for the daily management of various student information. A SQL injection vulnerability exists in the Student Management System developed by Shanxi Huaxing TechSoft Co. Ltd, which can be exploited by attackers to obtain sensitive information from...

7.6AI score
Exploits0References1
seebug.org
seebug.org
added 2015/03/19 12:0 a.m.29 views

某用户量较大的综合管理系统mssql注射漏洞

简要描述: 大量学生综合系统使用安脉的。 详细说明: 厂商: 上海安脉计算机科技有限公司 http://www.anmai.net/ SQL注射点: /oa/news/updateAffiche.aspx?id=1 其中id参数存在sql注射 互联网自动采集案例5枚: http://zhgl.w25z.cn/ANMAI/oa/news/updateAffiche.aspx?id=1 http://www.jukui.com/ANMAI/oa/news/updateAffiche.aspx?id=1...

7.1AI score
Exploits0
NVD
NVD
added 2014/02/07 3:48 p.m.26 views

CVE-2014-1914

Multiple cross-site scripting XSS vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to inject arbitrary web script or HTML via the 1 topic parameter to sw/addtopic.php or 2 nick parameter to sw/chat/message.php...

4.3CVSS5.7AI score0.01327EPSS
Exploits1References6
NVD
NVD
added 2014/02/07 3:48 p.m.29 views

CVE-2014-1915

Multiple cross-site request forgery CSRF vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to hijack the authentication of 1 administrators for requests that change the administrator password via an update action to sw/adminchangepassword.php or 2...

6.8CVSS7.5AI score0.02468EPSS
Exploits1References4
Prion
Prion
added 2014/02/07 3:48 p.m.19 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to hijack the authentication of 1 administrators for requests that change the administrator password via an update action to sw/adminchangepassword.php or 2...

6.8CVSS7.8AI score0.02468EPSS
Exploits2References4Affected Software1
Prion
Prion
added 2014/02/07 3:48 p.m.22 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to inject arbitrary web script or HTML via the 1 topic parameter to sw/addtopic.php or 2 nick parameter to sw/chat/message.php...

4.3CVSS6AI score0.01327EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder