9 matches found
CVE-2025-9444
A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown processing of the file /admin/controller/deletegroupstudent.php. The manipulation of the argument batchid leads to sql injection. The attack can be initiated...
CVE-2025-9444
The CVE concerns 1000projects Online Project Report Submission and Evaluation System 1.0. A SQL injection vulnerability exists in the file /admin/controller/delete_group_student.php, triggered by manipulating the batch_id parameter. This remote attack surface could lead to unauthorized data expos...
CVE-2025-9444 1000projects Online Project Report Submission and Evaluation System delete_group_student.php sql injection
A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown processing of the file /admin/controller/deletegroupstudent.php. The manipulation of the argument batchid leads to sql injection. The attack can be initiated...
CVE-2025-9444 1000projects Online Project Report Submission and Evaluation System delete_group_student.php sql injection
A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown processing of the file /admin/controller/deletegroupstudent.php. The manipulation of the argument batchid leads to sql injection. The attack can be initiated...
PT-2025-34732
Name of the Vulnerable Software and Affected Versions: 1000projects Online Project Report Submission and Evaluation System version 1.0 Description: A SQL injection issue exists due to the manipulation of the batch id argument in the processing of the /admin/controller/delete group student.php fil...
CVE-2012-5500
The batch id change script renameObjectsByPaths.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request...
Cross site request forgery (csrf)
The batch id change script renameObjectsByPaths.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request...
PYSEC-2014-42
The batch id change script renameObjectsByPaths.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request...
CVE-2012-5500
CVE-2012-5500 affects Plone’s batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3 and 4.3 before beta 1. Root cause: CSRF token-based request path allows a remote attacker to change the titles of content items. Impact stated: unauthorized modification of content item titles. Ex...