CVE-2026-36232

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...

CVE-2026-36232

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...

EUVD-2017-9076

Malware in sbrugna...

EUVD-2023-46020

Malicious code in bioql PyPI...

CVE-2025-10673

A vulnerability was determined in itsourcecode Student Information Management System 1.0. The impacted element is an unknown function of the file /admin/modules/class/index.php. This manipulation of the argument classId causes sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-10673

The CVE-2025-10673 entry concerns itsourcecode Student Information Management System 1.0. The vulnerability is a SQL injection in an unknown function of /admin/modules/class/index.php caused by manipulating the classId argument. Remote initiation is possible, and the exploit has been publicly dis...

PT-2025-38411

Name of the Vulnerable Software and Affected Versions itsourcecode Student Information Management System version 1.0 Description A vulnerability exists in itsourcecode Student Information Management System version 1.0. The issue is a SQL injection affecting an unknown function within the...

CVE-2023-41520

Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters...

CVE-2023-41520

Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters...

CVE-2022-31788

IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID= pathname...

CVE-2017-17933

cgi/surgeftpmgr.cgi aka the Web Manager interface on TCP port 7021 or 9021 in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter...

SQL Injection Vulnerability in the 'classid' parameter of the mining system of Shenzhen Jishu Communication Co.

Ltd. is a communication enterprise providing communication services and communication products. A SQL injection vulnerability exists in the program mining system of Shenzhen Jishu Communication Co. The lack of filtering of the 'classid' parameter allows an attacker to exploit the vulnerability to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML via the 1 domainid or 2 classid parameter in a class action...

CVE-2010-1068

Multiple cross-site scripting XSS vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML via the 1 domainid or 2 classid parameter in a class action...

Sql injection

SQL injection vulnerability in the ComSchool comschool component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php...

CVE-2009-2014

SQL injection vulnerability in the ComSchool comschool component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php...

CVE-1999-1447

Internet Explorer 4.0 allows remote attackers to cause a denial of service crash via HTML code that contains a long CLASSID parameter in an OBJECT tag...

CVE-1999-1447

Internet Explorer 4.0 allows remote attackers to cause a denial of service crash via HTML code that contains a long CLASSID parameter in an OBJECT tag...