94 matches found
CVE-2025-26198
CloudClassroom-PHP-Project v1.0 contains a critical SQL Injection vulnerability in the loginlinkadmin.php component. The application fails to sanitize user-supplied input in the admin login form before directly including it in SQL queries. This allows unauthenticated attackers to inject arbitrary...
CVE-2025-26198
CVE-2025-26198 — CloudClassroom-PHP-Project v1.0 suffers a critical SQL Injection in the admin login path (loginlinkadmin.php) where unsanitized input is used directly in SQL queries. This enables unauthenticated users to bypass authentication and gain full admin access, potentially exposing or m...
CVE-2025-26198
CloudClassroom-PHP-Project v1.0 contains a critical SQL Injection vulnerability in the loginlinkadmin.php component. The application fails to sanitize user-supplied input in the admin login form before directly including it in SQL queries. This allows unauthenticated attackers to inject arbitrary...
CVE-2025-46178
Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...
CVE-2025-46178
Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...
CVE-2025-46178
Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...
CVE-2025-46178
Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...
CloudClassroom-PHP-Project 安全漏洞
CloudClassroom-PHP-Project is a cloud classroom website by the individual developer Vishal Mathur. CloudClassroom-PHP-Project has a security vulnerability that stems from the eid parameter in askquery.php being vulnerable to cross-site scripting attacks, which could lead to session hijacking or...
PT-2025-24501 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom PHP Project affected versions not specified Description: A Cross-Site Scripting XSS issue exists in the CloudClassroom PHP Project, specifically in the askquery.php file, via the eid parameter. This allows remote attackers to...
CVE-2025-46178
Cross-Site Scripting XSS vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement...
CVE-2025-46178
The CVE-2025-46178 entry pertains to a Cross-Site Scripting (XSS) vulnerability in the CloudClassroom PHP Project, specifically in the askquery.php file via the eid parameter. The flaw allows remote attackers to inject arbitrary JavaScript in the context of a victim browser session, potentially l...
CloudClassroom PHP Project 1.0 - SQL Injection
Exploit Title: CloudClassroom PHP Project 1.0 - SQL Injection Google Dork: inurl:CloudClassroom-PHP-Project-master Date: 2025-05-30 Exploit Author: Sanjay Singh Vendor Homepage: https://github.com/mathurvishal/CloudClassroom-PHP-Project Software Link:...
CVE-2025-45542
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...
CVE-2024-57459
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands...
📄 CloudClassroom PHP Project 1.0 SQL Injection
CloudClassroom PHP Project version 1.0 suffers from a time-based blind remote SQL Injection vulnerability. Hello Full Disclosure list, I am sharing details of a newly assigned CVE affecting an open-source educational software project:...
CVE-2025-45542
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries...
CVE-2024-57459
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands...
CVE-2024-57459
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands...
CVE-2025-45542
CVE-2025-45542 affects CloudClassroom-PHP-Project v1.0, specifically the registrationform endpoint where the pass parameter is not properly validated, enabling a time-based blind SQL injection. Multiple connected sources corroborate that an unauthenticated remote attacker can manipulate backend S...
PT-2025-23532 · Unknown · Cloudclassroom-Php Project
Name of the Vulnerable Software and Affected Versions: CloudClassroom-PHP-Project version 1.0 Description: A SQL injection vulnerability exists in the registrationform endpoint of CloudClassroom-PHP-Project due to improper input validation, allowing attackers to inject SQL queries. The pass...