690 matches found
CVE-2026-10620
A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-10620 code-projects Student Admission System index.php sql injection
A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-10620
The CVE-2026-10620 entry applies to code-projects Student Admission System 1.0, with a SQL injection flaw in /index.php triggered by tampering with eid/did arguments. The underlying issue is an input handling fault that enables remote SQL injection (attack vector: NETWORK; complexity: LOW). The e...
CVE-2026-10620
A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-10620 code-projects Student Admission System index.php sql injection
A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
EUVD-2026-34023
A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
PT-2026-45852
Name of the Vulnerable Software and Affected Versions code-projects Student Admission System version 1.0 Description A SQL injection flaw exists in the /index.php file. This issue allows a remote attacker to manipulate the eid and did arguments to execute unauthorized database queries...
CVE-2026-10228
A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...
EUVD-2026-33561
A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...
CVE-2026-10228 raisulislamg4 student_management_system_by_php admission_form_check.php cross site scripting
A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...
CVE-2026-10228
Technical details (affected software, components, vulnerable versions, and mitigations) are not publicly available in the provided documents. Monitor for updates and additional disclosures.
CVE-2026-10228
A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...
CVE-2026-10228 raisulislamg4 student_management_system_by_php admission_form_check.php cross site scripting
A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...
student_management_system_by_php code injection vulnerability
studentmanagementsystembyphp is a student information management tool developed by Raisul Islam, based on PHP. studentmanagementsystembyphp has a code injection vulnerability, which stems from incorrect handling of the parameter “Message” by an unknown function in the admissionformcheck.php file...
PT-2026-45272
A vulnerability was found in raisulislamg4 student management system by php up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admission form check.php. The manipulation of the argument Message results in cross site scripting. The attack can be...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: Only track QoS data frames for admission control. For admission control, it clearly only applies to QoS data frames. Otherwise, we wouldn’t even be able to access the QoS field in the header. Syzbot reported an...
Authorization Bypass
Kyverno is vulnerable to Authorization Bypass. The vulnerability is due to a critical authorization boundary bypass in namespaced Kyverno Policy apiCall, where the resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no enforcement that the request is limited t...
CVE-2026-42541
CVE-2026-42541 (Kubewarden RBAC Reconnaissance) : Affected Kubewarden versions allow an attacker with privileged AdmissionPolicy/AdmissionPolicyGroup create permissions to abuse the can_i host callback, which forwards a SubjectAccessReview (SAR) to the policy-server with elevated privileges. This...
CVE-2026-42541 Kubewarden: RBAC Reconnaissance via unchecked can_i host capability call
Kubewarden is a policy engine for Kubernetes. Prior to , An attacker with privileged AdmissionPolicy or AdmissionPolicyGroup create permissions which isn't the default can craft a policy that makes use of the cani host callback. The callback issues a SubjectAccessReview SAR requests to enumerate...
CVE-2026-42541 Kubewarden: RBAC Reconnaissance via unchecked can_i host capability call
Kubewarden is a policy engine for Kubernetes. Prior to , An attacker with privileged AdmissionPolicy or AdmissionPolicyGroup create permissions which isn't the default can craft a policy that makes use of the cani host callback. The callback issues a SubjectAccessReview SAR requests to enumerate...