CVE-2019-18280

Sourcecodester Online Grading System 1.0 is affected by a Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code via a crafted HTML page, as demonstrated by a Create User action at the...

CVE-2019-18344

Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, class, or user page id or classid parameter...

CVE-2025-47942 Learners on edX Platform can download python_lib.zip

The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the pythonlib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course...

CVE-2025-47942 Learners on edX Platform can download python_lib.zip

The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the pythonlib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course...

CVE-2025-47942 Learners on edX Platform can download python_lib.zip

The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the pythonlib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course...

CVE-2025-47942

The CVE-2025-47942 entry describes a vulnerability in the Open edX Platform (edxapp) where, prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, there was no built-in protection to prevent downloading the python_lib.zip asset from courses. This could allow access to custom grading code or co...

Enhancing Security and Strengthening Defenses in Automated Short-Answer Grading Systems

This study examines vulnerabilities in transformer-based automated short-answer grading systems used in medical education, with a focus on how these systems can be manipulated through adversarial gaming strategies. Our research identifies three main types of gaming strategies that exploit the...

CVE-2025-3205

A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-3205

A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-3205

A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-3205 CodeAstro Student Grading System studentsubject.php sql injection

A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-3205

CVE-2025-3205 affects CodeAstro Student Grading System 1.0. The vulnerability is in the studentsubject.php file, where manipulating the studentId parameter leads to SQL injection. Exploitation can be performed remotely via a network attack, and the exploit has been publicly disclosed. There is no...

CVE-2025-3205 CodeAstro Student Grading System studentsubject.php sql injection

A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CodeAstro Student Grading System 安全漏洞

CodeAstro Student Grading System is a student grading system from CodeAstro. A security vulnerability exists in CodeAstro Student Grading System version 1.0, which stems from an incorrect manipulation of the parameter studentId that can lead to SQL injection...

PT-2025-14832 · Unknown · Codeastro Student Grading System

Name of the Vulnerable Software and Affected Versions: CodeAstro Student Grading System version 1.0 Description: A critical issue was found in the CodeAstro Student Grading System, affecting an unknown part of the file studentsubject.php. The manipulation of the studentId argument leads to SQL...

Student Grading System SQL Injection Vulnerability (CNVD-2025-03172)

Student Grading System is a student grading system. A SQL injection vulnerability exists in Student Grading System version 1.0, which stems from a lack of validation of externally entered SQL statements in the parameter id of the file /viewstudents.php. An attacker can exploit this vulnerability ...

CVE-2025-0212

A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /viewstudents.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-0212

A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /viewstudents.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-0212 Campcodes Student Grading System view_students.php sql injection

A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /viewstudents.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-0212 Campcodes Student Grading System view_students.php sql injection

A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /viewstudents.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...