8 matches found
CVE-2026-10226
CVE-2026-10226 affects the project raisulislamg4 student_management_system_by_php (file delete.php). The issue is a SQL injection that can be triggered by manipulating arguments such as user_id, course_id, teacher_id, student_id, or application_id. The vulnerability is exploitable remotely and ex...
CVE-2026-9574 itsourcecode Student Transcript Processing System trans.php sql injection
A flaw has been found in itsourcecode Student Transcript Processing System 1.0. This vulnerability affects unknown code of the file /admin/modules/student/trans.php. Executing a manipulation of the argument studentId/cid can lead to sql injection. The attack can be launched remotely. The exploit...
CVE-2026-3110 Multiple vulnerabilities on the Educativa Campus
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/adminusuarios.cgi?filtroestado=T&wAccion=listadoxlsx&wBuscar=&wFiltrar=&wOrden=altausuario&widcursoActual=ID' where the data of users enrolled in the course is exported. Successfu...
PT-2026-25667
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/admin usuarios.cgi?filtro estado=T&wAccion=listado xlsx&wBuscar=&wFiltrar=&wOrden=alta usuario&wid cursoActual=ID' where the data of users enrolled in the course is exported...
PHPGurukul Online Course Registration System SQL注入漏洞
PHPGurukul Online Course Registration System is an online course registration system from PHPGurukul Inc. A SQL injection vulnerability exists in PHPGurukul Online Course Registration System version 3.1 and earlier, which stems from incorrect manipulation of the parameter cid in the file...
CVE-2024-13037
A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been classified as critical. Affected is the function attendancereport of the file /admin/report.php. The manipulation of the argument courseid leads to sql injection. It is possible to launch the attack...
WordPress plugin Tutor LMS security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-39850
Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php...