299 matches found
Sql injection
A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter...
CVE-2021-31650
CVE-2021-31650 affects Sourcecodester Online Grading System 1.0 with a SQL injection in the uname parameter, enabling remote attackers to execute arbitrary SQL commands. The vulnerability is rated CVSS v3.1 at 9.8 (CRITICAL). Public exploit availability is indicated (Exploit-DB). No patch/version...
CVE-2021-31650
A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter...
Online Grading System SQL注入漏洞
Sourcecodester Online Grading System is a student information management system. The system provides functions such as student information management and online grading. A security vulnerability exists in Online Grading System version 1.0, which is caused by a uname parameter that allows remote...
PT-2022-10042 · Unknown · Sourcecodester Online Grading System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Online Grading System version 1.0 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the uname parameter. Recommendations: For Sourcecodester Online Grading System version 1.0,...
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Multiple cross-site request forgery CSRF vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allow remote attackers to hijack the authentication of teachers for quick-grading requests...
GHSA-6R7X-6Q98-QCQP Moodle does not set the RISK_XSS bit for graders
mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISKXSS bit for graders, which allows remote authenticated users to conduct cross-site scripting XSS attacks via crafted gradebook feedback during manual quiz grading...
Moodle does not set the RISK_XSS bit for graders
mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISKXSS bit for graders, which allows remote authenticated users to conduct cross-site scripting XSS attacks via crafted gradebook feedback during manual quiz grading...
GHSA-M8F5-9WG8-2C3H Moodle multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in the advanced-grading implementation in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1...
Moodle multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in the advanced-grading implementation in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1...
Student Grading System SQL Injection Vulnerability (CNVD-2022-44234)
Student Grading System is a student grading system from Carlo Montero's personal developer. v1.0 of Student Grading System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
Student Grading System SQL注入漏洞
Student Grading System is a student grading system from Carlo Montero's personal developer. v1.0 of Student Grading System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
CVE-2022-28026
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=studentp&id=...
CVE-2022-28025
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=schoolyear...
CVE-2022-28024
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=grade...
CVE-2022-28026
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=studentp&id=...
CVE-2022-28024
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=grade...
CVE-2022-28025
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=schoolyear...
CVE-2022-28024
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=grade...
CVE-2022-28025
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via /student-grading-system/rms.php?page=schoolyear...