17 matches found
CVE-2026-2089
A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-2089
A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-2089
A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
EUVD-2026-5724
A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-2089
A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-2089 SourceCodester Online Class Record System controller.php sql injection
A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-2089
CVE-2026-2089 affects SourceCodester Online Class Record System 1.0. The vulnerability is a SQL injection in the file /admin/subject/controller.php caused by manipulating the ID argument. Exploitation is remote and the exploit has been published, enabling public use. Red Hat, NVD, and other sourc...
SourceCodester Online Class Record System SQL注入漏洞
The SourceCodester Online Class Record System is an open-source online classroom recording system developed by SourceCodester. Version 1.0 of the SourceCodester Online Class Record System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in t...
PT-2026-6910
Name of the Vulnerable Software and Affected Versions SourceCodester Online Class Record System version 1.0 Description A flaw exists in SourceCodester Online Class Record System 1.0 that allows for SQL injection. The issue is located in the file /admin/subject/controller.php. Manipulating the ID...
Web-Based Internet Laboratory Management System /subject/controller.php File SQL Injection Vulnerability
Web-Based Internet Laboratory Management System is a web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from a lack of validation of externally-entered SQL statements in the file /subject/controller.php. An attacker c...
CVE-2025-13301
A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-13301
A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-13301
CVE-2025-13301 affects itsourcecode Web-Based Internet Laboratory Management System 1.0. The vulnerability is a SQL injection in an unspecified function of /subject/controller.php that can be exploited remotely; public exploits exist. CNVD, Red Hat, NVD and other sources corroborate the issue and...
PT-2025-47208
Name of the Vulnerable Software and Affected Versions itsourcecode Web-Based Internet Laboratory Management System version 1.0 Description A SQL injection issue exists in itsourcecode Web-Based Internet Laboratory Management System version 1.0. The issue is located in an unknown functionality of...
CVE-2025-0406
A vulnerability was found in liujianview gymxmjpa 1.0. It has been classified as critical. Affected is the function SubjectDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/SubjectController.java. The manipulation of the argument subname leads to sql injection. It is possible to...
gymxmjpa 安全漏洞
gymxmjpa is a gym management system for liujianview individual developers. A security vulnerability exists in gymxmjpa version 1.0, which originates in the src/main/java/com/liujian/gymxmjpa/controller/SubjectController.java file, where the subname parameter in the SubjectDaoImpl function contain...
CVE-2024-13042 Tsinghua Unigroup Electronic Archives Management System download.html download information disclosure
A vulnerability was found in Tsinghua Unigroup Electronic Archives Management System 3.2.21080262532. It has been classified as problematic. Affected is the function download of the file /Searchnew/Subject/download.html. The manipulation of the argument path leads to information disclosure. It is...