38 matches found
EUVD-2025-18756
Malicious code in bioql PyPI...
EUVD-2025-16669
Malicious code in bioql PyPI...
EUVD-2025-23284
Malicious code in bioql PyPI...
EUVD-2025-23370
Malicious code in bioql PyPI...
CVE-2025-50868
A SQL Injection vulnerability exists in the takeassessment2.php file of CloudClassroom-PHP-Project 1.0. The Q4 POST parameter is not properly sanitized before being used in SQL queries...
CVE-2025-50866
CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting XSS vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript code that executes in the context of the user s browser, potentially leading t...
CVE-2025-50868
A SQL Injection vulnerability exists in the takeassessment2.php file of CloudClassroom-PHP-Project 1.0. The Q4 POST parameter is not properly sanitized before being used in SQL queries...
CVE-2025-50868
A SQL Injection vulnerability exists in the takeassessment2.php file of CloudClassroom-PHP-Project 1.0. The Q4 POST parameter is not properly sanitized before being used in SQL queries...
CVE-2025-50868
CVE-2025-50868 affects CloudClassroom-PHP-Project 1.0, specifically the takeassessment2.php file where the Q4 POST parameter is not properly sanitized before being used in SQL queries, enabling SQL injection. The CVSS v3.1 base score is 6.5 (Medium) with low confidentiality/integrity impact and n...
PT-2025-31658 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom-PHP-Project version 1.0 Description: A SQL Injection issue exists in the takeassessment2.php file. The Q4 POST parameter is not properly sanitized before being used in SQL queries. Recommendations: Ensure proper sanitization of...
CVE-2025-50867
A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directly embedded in SQL statements without sanitization...
CVE-2025-50866
CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting XSS vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript code that executes in the context of the user s browser, potentially leading t...
CVE-2025-50866
CVE-2025-50866 concerns CloudClassroom-PHP-Project 1.0, which contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the /postquerypublic endpoint. The vulnerability arises from improper sanitization of user-supplied input, allowing an attacker to inject JavaScrip...
CVE-2025-50867
A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directly embedded in SQL statements without sanitization...
PT-2025-30847 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom-PHP Project version 1.0 Description: The CloudClassroom-PHP Project is susceptible to a SQL injection issue through the viewid parameter. Recommendations: As a temporary workaround, consider restricting access to the viewid...
CVE-2025-46179
A SQL Injection vulnerability was discovered in the askquery.php file of CloudClassroom-PHP Project v1.0. The squeryx parameter accepts unsanitized input, which is passed directly into backend SQL queries...
CVE-2025-26199
CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access ...
CVE-2025-26198
CVE-2025-26198 — CloudClassroom-PHP-Project v1.0 suffers a critical SQL Injection in the admin login path (loginlinkadmin.php) where unsanitized input is used directly in SQL queries. This enables unauthenticated users to bypass authentication and gain full admin access, potentially exposing or m...
PT-2025-26184 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom PHP Project version 1.0 Description: An issue in the CloudClassroom PHP Project allows a remote attacker to execute arbitrary code via the cleartext submission of passwords. This is related to the cleartext transmission of...
CVE-2025-26199
CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access ...