14 matches found
EUVD-2026-10250
A vulnerability was identified in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /addresult.php. Such manipulation of the argument subject leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...
PT-2026-22542
Name of the Vulnerable Software and Affected Versions itsourcecode University Management System version 1.0 Description A security issue exists in itsourcecode University Management System version 1.0. The vulnerability is related to SQL injection within an unknown functionality of the file /admi...
CVE-2024-10700
A vulnerability was found in code-projects University Event Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file submit.php. The manipulation of the argument name/email/title/Year/gender/fromdate/todate/people leads to sql injection. The...
CodeAstro University Management System Cross-Site Scripting Vulnerability
University Management System is a university management system. A cross-site scripting vulnerability exists in CodeAstro University Management System version 1.0, which stems from the fact that incorrect manipulation of the Student Name parameter can lead to cross-site scripting...
SQL Injection Vulnerability in University Worry-Free Online Course Selection System
School Worry-Free Online Course Selection System is designed to solve the problem of cumbersome work brought about by students' independent course selection by selecting courses online and completing personal course selection information, replacing the manual operation with paper. The system is...
s2-045 remote command execution vulnerability in KINGOSOFT University Teaching Network Management System of Hunan Qingguo Software Co.
Hunan Qingguo Software Co., Ltd KINGOSOFT college teaching network management system is a technical solution for the construction of digital campus for colleges and universities. Hunan Qingguo Software Co., Ltd. KINGOSOFT university teaching network management system uses Apache Struts xwork as t...
某高校在用系统sql注入(打包)(DBA)(无需登录)
简要描述: 1 详细说明: 案例较多,给CNCERT 漏洞证明: Apabi论文授权提交系统 版权所有© 北京方正阿帕比技术有限公司 谷歌搜索:论文授权提交系统 北京大学复旦大学什么的都在其中 漏洞文件publish.asp 里的txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate 案例 210.44.126.14/tasi/admin/publish/publish.asp?action=querylist --data...
某高校通用内容管理系统后台任意用户登录+getshell
简要描述: 本来我是发现了该系统后台注入和万能密码登录的问题的,搜索了下没找到相关内容,以为没人提交过。等我整理好了,又发现了 http://www.wooyun.org/bugs/wooyun-2010-055845。 挺郁闷的啊....既然这样,那咱就换种方法吧。条条大路通后台啊 详细说明: 南京南软科技为研究生院开发的管理系统 http://www.southsoft.com.cn/Case.asp?id=941 该系统登陆后每次cookie都是一样的,通过简单的伪造cookie就可以绕过后台登陆。...
A teaching system of the generic Oracle injection&arbitrary file upload-vulnerability warning-the black bar safety net
The set of"JSP+Oracle"of the CMS is mainly used for University, vocational and technical schools the educational system, many universities, including China medicine University Office of Academic Affairs also in the use of the sleeve system, which system comprisesSQL injectionvulnerabilities and...
Enterprise Resource Planning SQL Injection
Exploit Author: Shahram Darvishvand karajikt21 Exploit Title: erp Enterprise Resource plannin SQL Injection Vulnerability Vendor : sida university system Date: 4/May/2012 Google Dork: "نرم افزار جامع erp شامل قوانین کپی رایت می باشد و نوع نسخه بتا می باشد" Version: 1389/09/17 Tested on: ASHX...
Enterprise Resource planning SQL Injection Vulnerability
Exploit for asp platform in category web applications Exploit Author: Shahram Darvishvand karajikt21 Exploit Title: erp Enterprise Resource plannin SQL Injection Vulnerability Vendor : sida university system Date: 15/May/2012 Google Dork: "نرم افزار جامع erp شامل قوانین کپی رایت می باشد و نوع نسخ...
SIDA University System SQL Injection
Author: K053 Vendor : SIDA Version: All below 1389 are vulberable ==================================================================================== Note: Seems vendor patched this vulnerability in newest update 1389 so we decide to public it now. Maybe more in future ;...
SIDA University System - SQL Injection
SIDA University System - SQL Injection Author: K053 Vendor : SIDA Version: All below 1389 are vulberable ==================================================================================== Note: Seems vendor patched this vulnerability in newest update 1389 so we decide to public it now. Maybe mo...
SIDA University System - SQL Injection
Author: K053 Vendor : SIDA Version: All below 1389 are vulberable ==================================================================================== Note: Seems vendor patched this vulnerability in newest update 1389 so we decide to public it now. Maybe more in future ;...