Lucene search
K

38 matches found

RedhatCVE
RedhatCVE
added 2025/06/11 12:6 a.m.8 views

CVE-2025-46178

Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...

6.1CVSS5.9AI score0.00334EPSS
Exploits0References1
NVD
NVD
added 2025/06/09 4:15 p.m.8 views

CVE-2025-46178

Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...

6.1CVSS0.00334EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/09 12:0 a.m.4 views

CloudClassroom-PHP-Project 安全漏洞

CloudClassroom-PHP-Project is a cloud classroom website by the individual developer Vishal Mathur. CloudClassroom-PHP-Project has a security vulnerability that stems from the eid parameter in askquery.php being vulnerable to cross-site scripting attacks, which could lead to session hijacking or...

6.1CVSS6.1AI score0.00334EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.8 views

PT-2025-24501 · Unknown · Cloudclassroom-Php Project

Name of the Vulnerable Software and Affected Versions: CloudClassroom PHP Project affected versions not specified Description: A Cross-Site Scripting XSS issue exists in the CloudClassroom PHP Project, specifically in the askquery.php file, via the eid parameter. This allows remote attackers to...

6.1CVSS5.8AI score0.00334EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2025/06/05 12:0 a.m.342 views

CloudClassroom PHP Project 1.0 - SQL Injection

Exploit Title: CloudClassroom PHP Project 1.0 - SQL Injection Google Dork: inurl:CloudClassroom-PHP-Project-master Date: 2025-05-30 Exploit Author: Sanjay Singh Vendor Homepage: https://github.com/mathurvishal/CloudClassroom-PHP-Project Software Link:...

7.3CVSS7.4AI score0.00995EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/06/04 12:14 a.m.7 views

CVE-2025-45542

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...

7.3CVSS7.9AI score0.00995EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/06/04 12:14 a.m.7 views

CVE-2024-57459

A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands...

7.3CVSS7.9AI score0.00211EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/06/03 12:0 a.m.178 views

📄 CloudClassroom PHP Project 1.0 SQL Injection

CloudClassroom PHP Project version 1.0 suffers from a time-based blind remote SQL Injection vulnerability. Hello Full Disclosure list, I am sharing details of a newly assigned CVE affecting an open-source educational software project:...

7.3CVSS8.8AI score0.00995EPSS
Exploits3
NVD
NVD
added 2025/06/02 4:15 p.m.11 views

CVE-2025-45542

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...

7.3CVSS0.00995EPSS
Exploits3References3
Cvelist
Cvelist
added 2025/06/02 12:0 a.m.10 views

CVE-2025-45542

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...

0.00995EPSS
Exploits3References2
CVE
CVE
added 2025/06/02 12:0 a.m.61 views

CVE-2025-45542

CVE-2025-45542 affects CloudClassroom-PHP-Project v1.0, specifically the registrationform endpoint where the pass parameter is not properly validated, enabling a time-based blind SQL injection. Multiple connected sources corroborate that an unauthenticated remote attacker can manipulate backend S...

7.3CVSS7.9AI score0.00995EPSS
Exploits3References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.4 views

PT-2025-23532 · Unknown · Cloudclassroom-Php Project

Name of the Vulnerable Software and Affected Versions: CloudClassroom-PHP-Project version 1.0 Description: A SQL injection vulnerability exists in the registrationform endpoint of CloudClassroom-PHP-Project due to improper input validation, allowing attackers to inject SQL queries. The pass...

7.3CVSS7.7AI score0.00995EPSS
Exploits3References12
Vulnrichment
Vulnrichment
added 2025/06/02 12:0 a.m.3 views

CVE-2025-45542

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...

7.5AI score0.00995EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/06/02 12:0 a.m.13 views

CVE-2024-57459

A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands...

0.00211EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.5 views

PT-2025-23534 · Unknown · Cloudclassroom-Php Project

Name of the Vulnerable Software and Affected Versions: CloudClassroom PHP Project version 1.0 Description: A time-based SQL injection issue exists due to improper validation of user input in the myds parameter of the mydetailsstudent.php file. This allows an attacker to inject arbitrary SQL...

7.3CVSS7.4AI score0.00211EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/02/28 12:22 a.m.11 views

CVE-2024-57423

A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function...

6.1CVSS7.2AI score0.00452EPSS
Exploits1References1
OSV
OSV
added 2025/02/26 9:15 p.m.6 views

CVE-2024-57423

A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function...

6.1CVSS6.1AI score0.00452EPSS
Exploits1References1
CVE
CVE
added 2025/02/26 12:0 a.m.59 views

CVE-2024-57423

CVE-2024-57423 describes a Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0, where the exid parameter of the assessment function can be exploited to execute arbitrary code by a remote attacker. The NVD entry assigns CVSS‑3.1 metrics: AV:N, AC:L, PR:N, UI:R, S:C, C:L/I:L/A:N, ...

6.1CVSS7AI score0.00452EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder