CVE-2026-3767

CVE-2026-3767 affects an unknown function in the file /admin/teacher-attendance.php of itsourcecode. A manipulation of the argument teacher_id can lead to SQL injection . The description states the attack can be launched remotely and that the exploit has been publicly available, indicating public...

CVE-2025-70147

Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information including plaintext password field values via direct HTTP GET requests to these endpoints without a valid session...

Projectworlds Online Time Table Generator 安全漏洞

Projectworlds Online Time Table Generator is an online schedule generator developed by the Indian company Projectworlds. Version 1.0 of Projectworlds Online Time Table Generator has a security vulnerability. This vulnerability stems from the lack of authentication in files admin/student.php and...

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in the Kashipara Responsive School Management System version v3.2.0, which stems from an error in the /smsa/adminteacherregisterapproval.php file and the...

CVE-2022-32420

College Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via /College/admin/teacher.php. This vulnerability is exploited via a crafted PHP file...