38 matches found
CVE-2025-46178
Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...
CVE-2025-46178
Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...
CloudClassroom-PHP-Project 安全漏洞
CloudClassroom-PHP-Project is a cloud classroom website by the individual developer Vishal Mathur. CloudClassroom-PHP-Project has a security vulnerability that stems from the eid parameter in askquery.php being vulnerable to cross-site scripting attacks, which could lead to session hijacking or...
PT-2025-24501 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom PHP Project affected versions not specified Description: A Cross-Site Scripting XSS issue exists in the CloudClassroom PHP Project, specifically in the askquery.php file, via the eid parameter. This allows remote attackers to...
CloudClassroom PHP Project 1.0 - SQL Injection
Exploit Title: CloudClassroom PHP Project 1.0 - SQL Injection Google Dork: inurl:CloudClassroom-PHP-Project-master Date: 2025-05-30 Exploit Author: Sanjay Singh Vendor Homepage: https://github.com/mathurvishal/CloudClassroom-PHP-Project Software Link:...
CVE-2025-45542
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...
CVE-2024-57459
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands...
📄 CloudClassroom PHP Project 1.0 SQL Injection
CloudClassroom PHP Project version 1.0 suffers from a time-based blind remote SQL Injection vulnerability. Hello Full Disclosure list, I am sharing details of a newly assigned CVE affecting an open-source educational software project:...
CVE-2025-45542
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...
CVE-2025-45542
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...
CVE-2025-45542
CVE-2025-45542 affects CloudClassroom-PHP-Project v1.0, specifically the registrationform endpoint where the pass parameter is not properly validated, enabling a time-based blind SQL injection. Multiple connected sources corroborate that an unauthenticated remote attacker can manipulate backend S...
PT-2025-23532 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom-PHP-Project version 1.0 Description: A SQL injection vulnerability exists in the registrationform endpoint of CloudClassroom-PHP-Project due to improper input validation, allowing attackers to inject SQL queries. The pass...
CVE-2025-45542
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...
CVE-2024-57459
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands...
PT-2025-23534 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom PHP Project version 1.0 Description: A time-based SQL injection issue exists due to improper validation of user input in the myds parameter of the mydetailsstudent.php file. This allows an attacker to inject arbitrary SQL...
CVE-2024-57423
A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function...
CVE-2024-57423
A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function...
CVE-2024-57423
CVE-2024-57423 describes a Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0, where the exid parameter of the assessment function can be exploited to execute arbitrary code by a remote attacker. The NVD entry assigns CVSS‑3.1 metrics: AV:N, AC:L, PR:N, UI:R, S:C, C:L/I:L/A:N, ...