65 matches found
CVE-2026-36232
A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...
CVE-2026-36232
A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...
CVE-2026-36232
A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...
EUVD-2017-9076
Malware in sbrugna...
EUVD-2023-46020
Malicious code in bioql PyPI...
CVE-2025-10673
A vulnerability was determined in itsourcecode Student Information Management System 1.0. The impacted element is an unknown function of the file /admin/modules/class/index.php. This manipulation of the argument classId causes sql injection. The attack may be initiated remotely. The exploit has...
CVE-2025-10673
A vulnerability was determined in itsourcecode Student Information Management System 1.0. The impacted element is an unknown function of the file /admin/modules/class/index.php. This manipulation of the argument classId causes sql injection. The attack may be initiated remotely. The exploit has...
CVE-2025-10673
The CVE-2025-10673 entry concerns itsourcecode Student Information Management System 1.0. The vulnerability is a SQL injection in an unknown function of /admin/modules/class/index.php caused by manipulating the classId argument. Remote initiation is possible, and the exploit has been publicly dis...
PT-2025-38411
Name of the Vulnerable Software and Affected Versions itsourcecode Student Information Management System version 1.0 Description A vulnerability exists in itsourcecode Student Information Management System version 1.0. The issue is a SQL injection affecting an unknown function within the...
CVE-2023-41520
Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters...
CVE-2023-41520
Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters...
CVE-2023-41520
CVE-2023-41520 affects Student Attendance Management System v1. The vulnerability lies in createClassArms.php, where SQL injection can be introduced via the parameters classId and classArmName. Affected component is the server-side PHP script responsible for managing class arms. The CVE metrics i...
CVE-2023-41520
Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters...
CVE-2025-21971
In the Linux kernel, the following vulnerability has been resolved: netsched: Prevent creation of classes with TCHROOT The function qdisctreereducebacklog uses TCHROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. However, if a class is created wi...
CVE-2025-21971 net_sched: Prevent creation of classes with TC_H_ROOT
In the Linux kernel, the following vulnerability has been resolved: netsched: Prevent creation of classes with TCHROOT The function qdisctreereducebacklog uses TCHROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. However, if a class is created wi...
CVE-2022-31788
IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID= pathname...
CVE2018-8550Poc
这个漏洞属于com组件Unmarshal类型本地权限提升漏洞 复现环境 1. Windows 10 1709 32位操作系统 2. 需要安装声卡或操作系统自带虚拟声卡 3. 编译环境Visual Studio 2013 Poc 分析 原poc作者James Forshaw使用C实现,我一直未复现成功,不过通过原poc的代码我大致明白了漏洞的成因和触发方法,原poc环境是win10 1803...
CVE-2017-17933
cgi/surgeftpmgr.cgi aka the Web Manager interface on TCP port 7021 or 9021 in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter...
CVE-2017-17933
cgi/surgeftpmgr.cgi aka the Web Manager interface on TCP port 7021 or 9021 in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter...
CHM Help Files Deliver Brazilian Banking Trojan
Security researchers are warning of a new spam campaign targeting Brazilian institutions that contain Compiled HTML file attachments that are used to deliver a banking Trojan. Spam messages contain a malicious CHM attachment called “comprovante.chm”, wrote Rodel Mendrez, senior security researche...