CVE-2026-3403

A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2024-58276

Obi08/Enrollment System 1.0 contains a SQL injection vulnerability in the keyword parameter of /getsubject.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can use UNION-based injection to extract sensitive information from the users table including usernames...

Student Record System add-subject.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the sub1, sub2, sub3, sub4, and course-short parameters of add-subject.php. An attacker can exploit this...

CVE-2025-11105

A flaw has been found in code-projects Simple Scheduling System 1.0. This affects an unknown part of the file /schedulingsystem/addsubject.php. This manipulation of the argument subcode causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be...

CVE-2025-10783 Campcodes Online Learning Management System add_subject.php sql injection

A weakness has been identified in Campcodes Online Learning Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addsubject.php. Executing manipulation of the argument subjectcode can lead to sql injection. The attack may be performed from remote. T...

PT-2025-38686

Name of the Vulnerable Software and Affected Versions: Campcodes Online Learning Management System version 1.0 Description: A weakness exists in Campcodes Online Learning Management System that may allow for remote SQL injection. The issue is related to the manipulation of the subject code argume...

Campcodes Online Learning Management System SQL注入漏洞

CampCodes Online Learning Management System is an online learning management system from CampCodes Philippines, Inc. A SQL injection vulnerability exists in Campcodes Online Learning Management System version 1.0, which stems from an incorrect manipulation of the parameter subjectcode in the file...

CVE-2024-50839

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/addsubject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subjectcode and title parameters...

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which stems from an incorrect access control vulnerability contained in the /smsa/viewsubject.php file...

CVE-2024-6374 lahirudanushka School Management System Subject Page subject.php cross site scripting

A vulnerability was found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as problematic. This issue affects some unknown processing of the file /subject.php of the component Subject Page. The manipulation of the argument Subject Title/Sybillus Details leads to cross site...

CVE-2024-6374

CVE-2024-6374 affects lahirudanushka School Management System 1.0.0/1.0.1. The vulnerability is a stored XSS in the Subject Page’s /subject.php, triggered by manipulating the Subject Title/Sybillus Details parameters. The issue is exploitable remotely and the exploit has been disclosed publicly. ...

CVE-2024-6278

A vulnerability has been found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file subject.php of the component Subject Page. The manipulation of the argument update leads to sql injection. The...

CVE-2024-6278 lahirudanushka School Management System Subject Page subject.php sql injection

A vulnerability has been found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file subject.php of the component Subject Page. The manipulation of the argument update leads to sql injection. The...

PT-2024-37506 · Unknown · Lahirudanushka School Management System

Name of the Vulnerable Software and Affected Versions: lahirudanushka School Management System versions 1.0.0 through 1.0.1 Description: A critical issue has been found in the lahirudanushka School Management System, affecting an unknown functionality of the file subject.php of the component...

Campcodes Complete Web-Based School Management System 跨站脚本漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which stems from a cross-site scripting vulnerability in the...

CVE-2024-3771

A vulnerability was found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this issue is some unknown functionality of the file /edit-subject.php. The manipulation of the argument sub1/sub2/sub3/sub4/udate leads to sql injection. The attack may be launched remotely...

PHPGurukul Student Record System SQL注入漏洞

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameters sub1/sub2/sub3/sub4/udate in the file /edit-subject.php. An attacker can exploit thi...

Teacher Subject Allocation Management System Security Vulnerability

Teacher Subject Allocation Management System is a teacher subject allocation management system. A security vulnerability exists in Teacher Subject Allocation Management System version 1.0, which originates from a cross-site request forgery CSRF vulnerability in the file /admin/subject.php...

CVE-2023-31844

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/managesubject.php?id=...

Faculty Evaluation System SQL注入漏洞

Faculty Evaluation System is a faculty evaluation system by the individual developer Carlo Montero. A security vulnerability exists in version v1.0 of the Sourcecodester Faculty Evaluation System, which originates in /eval/admin/managesubject.php?id=Existence of SQL injection...