11 matches found
CVE-2026-6488
A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET Request Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...
CVE-2026-6490
A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. Impacted is an unknown function of the file admin/deletecourse.php of the component GET Request Parameter Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated...
CVE-2026-6490 QueryMine sms GET Request Parameter deletecourse.php sql injection
A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. Impacted is an unknown function of the file admin/deletecourse.php of the component GET Request Parameter Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated...
CVE-2026-6490 QueryMine sms GET Request Parameter deletecourse.php sql injection
A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. Impacted is an unknown function of the file admin/deletecourse.php of the component GET Request Parameter Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated...
CVE-2026-6490
CVE-2026-6490 affects QueryMine sms (admin/deletecourse.php) where manipulation of the argument ID in the GET Request Parameter Handler leads to SQL injection. The vulnerability can be triggered remotely and the exploit is publicly available. The affected software is described as using a rolling ...
CVE-2026-6489 QueryMine sms Background Management addteacher.php unrestricted upload
A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Background Management Page. The manipulation of the argument image results in unrestricted upload. The...
CVE-2026-6489 QueryMine sms Background Management addteacher.php unrestricted upload
A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Background Management Page. The manipulation of the argument image results in unrestricted upload. The...
CVE-2026-6488
CVE-2026-6488 affects QueryMine sms, specifically the admin/editcourse.php code path under the GET Request Parameter Handler. The root cause is SQL injection triggered by manipulating the argument ID, allowing remote exploitation. Public exploit appears to be available; the disclosure notes rolli...
CVE-2026-6488 QueryMine sms GET Request Parameter editcourse.php sql injection
A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET Request Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...
PT-2026-33449
Name of the Vulnerable Software and Affected Versions QueryMine sms versions up to 7ab5a9ea196209611134525ffc18de25c57d9593 Description Remote SQL injection is possible via the GET Request Parameter Handler in the 'admin/editcourse.php' file. The issue occurs when the ID argument is manipulated,...
PT-2026-33453
Name of the Vulnerable Software and Affected Versions QueryMine sms versions up to 7ab5a9ea196209611134525ffc18de25c57d9593 Description A SQL injection flaw exists in the GET Request Parameter Handler component within the 'admin/deletecourse.php' file. A remote attacker can trigger this issue by...