59 matches found
CVE-2025-44608
CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter...
PT-2025-30847 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom-PHP Project version 1.0 Description: The CloudClassroom-PHP Project is susceptible to a SQL injection issue through the viewid parameter. Recommendations: As a temporary workaround, consider restricting access to the viewid...
CVE-2025-44608
CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter...
CVE-2025-44608
CVE-2025-44608 affects CloudClassroom-PHP Project version 1.0, with a SQL injection vulnerability injectable via the viewid parameter. Root cause: unvalidated input in viewid leads to SQL injection. Practical impact stated in connected docs includes potential remote code execution (RCE) demonstra...
CVE-2025-44608
CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter...
Exploit for SQL Injection in Vishalmathur Cloudclassroom-Php_Project
CVE-2025-44608 CloudClassroom-PHP Project v1.0 is vulnerable...
CVE-2025-46179
A SQL Injection vulnerability was discovered in the askquery.php file of CloudClassroom-PHP Project v1.0. The squeryx parameter accepts unsanitized input, which is passed directly into backend SQL queries...
PT-2025-26326 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom-PHP Project version 1.0 Description: A SQL Injection issue was discovered in the askquery.php file. The squeryx parameter accepts unsanitized input, which is passed directly into backend SQL queries. Recommendations: For...
CVE-2025-46179
A SQL Injection vulnerability was discovered in the askquery.php file of CloudClassroom-PHP Project v1.0. The squeryx parameter accepts unsanitized input, which is passed directly into backend SQL queries...
CVE-2025-46179
A SQL Injection vulnerability was discovered in the askquery.php file of CloudClassroom-PHP Project v1.0. The squeryx parameter accepts unsanitized input, which is passed directly into backend SQL queries...
CVE-2025-26199
CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access ...
CVE-2025-26199
CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access ...
CVE-2025-26198
CVE-2025-26198 — CloudClassroom-PHP-Project v1.0 suffers a critical SQL Injection in the admin login path (loginlinkadmin.php) where unsanitized input is used directly in SQL queries. This enables unauthenticated users to bypass authentication and gain full admin access, potentially exposing or m...
CVE-2025-26199
CloudClassroom-PHP-Project v1.0 is affected by insecure credential transmission: login credentials are sent over HTTP, enabling MitM exposure. A compromised session could allow an attacker to login and potentially trigger administrative actions (e.g., file uploads) leading to remote code executio...
PT-2025-26184 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom PHP Project version 1.0 Description: An issue in the CloudClassroom PHP Project allows a remote attacker to execute arbitrary code via the cleartext submission of passwords. This is related to the cleartext transmission of...
CVE-2025-26199
CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access ...
CVE-2025-46178
Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...
CVE-2025-46178
Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...
CloudClassroom-PHP-Project 安全漏洞
CloudClassroom-PHP-Project is a cloud classroom website by the individual developer Vishal Mathur. CloudClassroom-PHP-Project has a security vulnerability that stems from the eid parameter in askquery.php being vulnerable to cross-site scripting attacks, which could lead to session hijacking or...
PT-2025-24501 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom PHP Project affected versions not specified Description: A Cross-Site Scripting XSS issue exists in the CloudClassroom PHP Project, specifically in the askquery.php file, via the eid parameter. This allows remote attackers to...