52 matches found
CVE-2024-10423 Project Worlds Student Project Allocation System Project Selection Page project_selection.php sql injection
A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/projectselection/projectselection.php of the component Project Selection Page. The manipulation of the argument projectid lead...
CVE-2024-10423
CVE-2024-10423 affects Project Worlds Student Project Allocation System 1.0, specifically the /student/project_selection/project_selection.php file. The vulnerability arises from the project_id parameter, enabling remote SQL injection. Public exploit details exist. No patch/fix is confirmed in th...
CVE-2024-10423 Project Worlds Student Project Allocation System Project Selection Page project_selection.php sql injection
A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/projectselection/projectselection.php of the component Project Selection Page. The manipulation of the argument projectid lead...
Project Worlds Student Project Allocation System 安全漏洞
Project Worlds Student Project Allocation System is a student project allocation system from Project Worlds, Inc. A security vulnerability exists in Project Worlds Student Project Allocation System version 1.0, which originates in the /student/projectselection/moveupproject.php of the Project...
Teacher Subject Allocation Management System 1.0 SQL Injection
Exploit Title: Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://phpgurukul.com/teacher-subject-allocation-system-using-php-and-mysql Software Link:...
Cross site scripting
A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file adminlogin.php of the component Admin Login Module. The manipulation of the argument msg with the input...
CVE-2024-0726
CVE-2024-0726 affects Project Worlds Student Project Allocation System 1.0, specifically the Admin Login Module via the file admin_login.php. The vulnerability is a cross-site scripting (XSS) flaw caused by manipulating the msg argument (example input: test%22%3Cscript%3Ealert(%27Torada%27)%3C/sc...
CVE-2024-0726 Project Worlds Student Project Allocation System Admin Login Module admin_login.php cross site scripting
A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file adminlogin.php of the component Admin Login Module. The manipulation of the argument msg with the input...
CVE-2024-0726 Project Worlds Student Project Allocation System Admin Login Module admin_login.php cross site scripting
A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file adminlogin.php of the component Admin Login Module. The manipulation of the argument msg with the input...
Project Worlds Student Project Allocation System Security Vulnerability
Project Worlds Student Project Allocation System is a student project allocation system from Project Worlds. A security vulnerability exists in Project Worlds Student Project Allocation System version 1.0, which stems from the parameter msg in the file adminlogin.php that can lead to cross-site...
CVE-2023-6649
A vulnerability has been found in PHPGurukul Teacher Subject Allocation Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file index.php. The manipulation of the argument searchdata with the input alert5 leads to cross site scripting. The attack c...
Teacher Subject Allocation Management System profile.php file cross-site scripting vulnerability
Teacher Subject Allocation Management System a teacher subject allocation management system. Teacher Subject Allocation Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the adminname and email...
CVE-2023-46026
Cross Site Scripting XSS vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters...
CVE-2023-46026
Cross Site Scripting XSS vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters...
CVE-2023-46025
SQL Injection vulnerability in teacher-info.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to obtain sensitive information via the 'editid' parameter...
CVE-2023-46024
SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter...
CVE-2023-37743
A cross-site scripting XSS vulnerability in Teacher Subject Allocation System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search text box...
CVE-2023-37743
A cross-site scripting XSS vulnerability in Teacher Subject Allocation System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search text box...
CVE-2023-37743
CVE-2023-37743 concerns an XSS vulnerability in the Teacher Subject Allocation System v1.0. Multiple sources identify a crafted payload injected into the Search text box that allows execution of arbitrary web scripts or HTML in the victim’s browser. The core issue is insufficient input handling f...
CVE-2023-1791
A vulnerability has been found in SourceCodester Simple Task Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file manageuser.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. Th...