7 matches found
CVE-2025-14566
A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The impacted element is an unknown function of the file /Profilers/SProfile/reg.php. Performing a manipulation of the argument USN results in sql injection. It is possible to initia...
CVE-2025-14565
A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/SProfile/login1.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed fro...
CVE-2025-14565 kidaze CourseSelectionSystem login1.php sql injection
A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/SProfile/login1.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed fro...
CVE-2025-11052
CVE-2025-11052 affects kidaze CourseSelectionSystem version 1.0/5.php, with the vulnerability located in /Profilers/PriProfile/COUNT3s5.php where manipulating the csslc parameter leads to SQL injection. The issue is exploitable remotely and an exploit has been publicly released. Multiple sources ...
CVE-2025-10665 kidaze CourseSelectionSystem COUNT3s3.php sql injection
A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Affected is an unknown function of the file /Profilers/PProfile/COUNT3s3.php. The manipulation of the argument csem leads to sql injection. Remote exploitation of the attack is possible...
CVE-2025-10597 kidaze CourseSelectionSystem COUNT2.php sql injection
A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This vulnerability affects unknown code of the file /Profilers/PriProfile/COUNT2.php. This manipulation of the argument cname causes sql injection. The attack may be initiated remotely...
CVE-2025-10477
CVE-2025-10477 affects kidaze CourseSelectionSystem. The vulnerability is a SQL injection caused by manipulation of the Branch argument in an unknown function within /Profilers/PriProfile/eligibility.php. It is exploitable remotely, and publicly available exploits exist. The product does not use ...