65 matches found
CVE-2023-36134
In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password on the Profile Page allows remote attackers to take over accounts...
CVE-2023-36137
There is a Cross Site Scripting XSS vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0...
CVE-2023-36135
User enumeration is found in in PHPJabbers Class Scheduling System v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...
CVE-2023-36134
CVE-2023-36134 affects PHP Jabbers Class Scheduling System 1.0. The issue is a lack of verification when changing an email address and/or password on the Profile Page, enabling remote attackers to take over accounts. No exploit vectors or affected versions beyond 1.0 are specified in the provided...
Class Scheduling System Security Vulnerability
Class Scheduling System is a class scheduling system by jkev Personal Developer. A security vulnerability exists in Class Scheduling System version 1.0. The vulnerability originates in the password recovery function, where a message difference can be used to determine whether a user is valid or...
Class Scheduling System Cross-Site Scripting Vulnerability
Class Scheduling System is a class scheduling system. A cross-site scripting vulnerability exists in Class Scheduling System v1.0, which originates from the lack of effective filtering and escaping of user-supplied data in the AcademicRank parameter of the file /admin/saveteacher.php in the...
CVE-2023-2826
A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. This vulnerability affects unknown code of the file searchteacherresult.php of the component POST Parameter Handler. The manipulation of the argument teacher leads to cross site scripting...
CVE-2023-2826
A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. This vulnerability affects unknown code of the file searchteacherresult.php of the component POST Parameter Handler. The manipulation of the argument teacher leads to cross site scripting...
Cross site scripting
A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. This vulnerability affects unknown code of the file searchteacherresult.php of the component POST Parameter Handler. The manipulation of the argument teacher leads to cross site scripting...
CVE-2023-2826
CVE-2023-2826 affects SourceCodester Class Scheduling System 1.0. The vulnerability is in the POST Parameter Handler, specifically the file search_teacher_result.php, where manipulating the POST parameter teacher enables cross-site scripting. Exploitation is remote and has been publicly disclosed...
CVE-2023-2826 SourceCodester Class Scheduling System POST Parameter search_teacher_result.php cross site scripting
A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. This vulnerability affects unknown code of the file searchteacherresult.php of the component POST Parameter Handler. The manipulation of the argument teacher leads to cross site scripting...
PT-2023-21640 · Sourcecodester · Sourcecodester Class Scheduling System
Name of the Vulnerable Software and Affected Versions: SourceCodester Class Scheduling System version 1.0 Description: A vulnerability has been found in the SourceCodester Class Scheduling System, affecting the file search teacher result.php of the component POST Parameter Handler. The manipulati...
Sql injection
A vulnerability was found in SourceCodester Class Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/editsubject.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...
CVE-2023-2823 SourceCodester Class Scheduling System GET Parameter edit_subject.php sql injection
A vulnerability was found in SourceCodester Class Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/editsubject.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql...
CVE-2023-2823
CVE-2023-2823 affects SourceCodester Class Scheduling System 1.0. The vulnerability lies in the GET Parameter Handler for the file /admin/edit_subject.php, where manipulating the id parameter causes SQL injection. It is exploitable remotely, and publicized exploits exist (VDB-229597). Multiple so...
SourceCodester Class Scheduling System SQL注入漏洞
Class Scheduling System is a class scheduling system by jkev individual developer. A SQL injection vulnerability exists in SourceCodester Class Scheduling System version 1.0, which is caused by an unknown function in the file /admin/editsubject.php in the component GET Parameter Handler, which...
PT-2023-21638 · Sourcecodester · Sourcecodester Class Scheduling System
Name of the Vulnerable Software and Affected Versions: SourceCodester Class Scheduling System version 1.0 Description: A critical issue was found in the SourceCodester Class Scheduling System, affecting an unknown functionality of the file /admin/edit subject.php, specifically the GET Parameter...
CVE-2023-2814
A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Affected is an unknown function of the file /admin/saveteacher.php of the component POST Parameter Handler. The manipulation of the argument AcademicRank leads to cross site scripting. It is...
CVE-2023-2814
A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Affected is an unknown function of the file /admin/saveteacher.php of the component POST Parameter Handler. The manipulation of the argument AcademicRank leads to cross site scripting. It is...
Cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Affected is an unknown function of the file /admin/saveteacher.php of the component POST Parameter Handler. The manipulation of the argument AcademicRank leads to cross site scripting. It is...