4 matches found
CVE-2024-50827
A SQL Injection vulnerability was found in /admin/addsubject.php in kashipara E-learning Management System Project 1.0 via the subjectcode parameter...
CVE-2024-50837
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/adminuser.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username parameters...
CVE-2024-50837
CVE-2024-50837 pertains to the Kashipara E-learning Management System Project 1.0. It describes a stored XSS vulnerability in the /admin/admin_user.php endpoint where an attacker can inject scripts via the firstname and username parameters. The CVSS 3.1 base score is 5.4 (Medium) with network att...
CVE-2021-28000
A persistent cross-site scripting vulnerability was discovered in Local Services Search Engine Management System Project 1.0 which allows remote attackers to execute arbitrary code via crafted payloads entered into the Name and Address fields...