21 matches found
CVE-2024-7665 SourceCodester Car Driving School Management System manage_package.php sql injection
A vulnerability classified as critical was found in SourceCodester Car Driving School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file managepackage.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. T...
CVE-2024-34928
CVE-2024-34928 affects Campcodes Complete Web-Based School Management System 1.0. A SQL injection flaw exists in /model/update_subject_routing.php via the grade parameter, enabling an attacker to execute arbitrary SQL commands. The vulnerability stems from improper input handling in the stated en...
CVE-2024-5238
CVE-2024-5238 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is an SQL injection in an unknown part of /view/timetable_insert_form.php triggered by manipulating the grade parameter. It can be exploited remotely and has publicly disclosed exploit information (...
CVE-2024-5107
CVE-2024-5107 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability arises from manipulation of the index parameter in the file /view/student_payment_details2.php, enabling SQL injection. It is a remote attack and the exploit has been disclosed publicly. Multiple so...
CVE-2024-5103
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/studentfirstpayment.php. The manipulation of the argument grade leads to sql injection. The attack...
CVE-2024-4911
CVE-2024-4911 affects Campcodes Complete Web-Based School Management System v1.0. The vulnerability is in /view/student_exam_mark_update_form.php where manipulation of the exam parameter enables SQL injection, admitting remote exploitation. Multiple connected sources confirm the issue without det...
CVE-2024-4907
A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/showstudent2.php. The manipulation of the argument grade leads to sql injection. The attack can be initiated remotely...
CVE-2024-4717
CVE-2024-4717 affects Campcodes Complete Web-Based School Management System 1.0. A cross-site scripting vulnerability arises from manipulating the name parameter in /model/update_classroom.php, exploitable remotely. The issue is triggered by improper handling of the argument name, enabling user-c...
CVE-2024-4676
The vulnerability CVE-2024-4676 affects Campcodes Complete Web-Based School Management System 1.0. The issue is a cross-site scripting (XSS) flaw arising from manipulation of the count argument in the /view/range_grade_text.php endpoint. Attack vector is remote and public exploit appears to have ...
CVE-2024-4651
A vulnerability, which was classified as problematic, has been found in Campcodes Complete Web-Based School Management System 1.0. This issue affects some unknown processing of the file /view/studentattendancehistory1.php. The manipulation of the argument year leads to cross site scripting. The...
CVE-2024-4650
A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. This vulnerability affects unknown code of the file /view/studentduepayment.php. The manipulation of the argument duemonth leads to cross site scripting. The attack can be initiated...
CVE-2024-33409
SQL injection vulnerability in index.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the name parameter...
CVE-2024-4523
CVE-2024-4523 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability arises from cross-site scripting in the year parameter of the file /view/teacher_attendance_history1.php, enabling remote exploitation. Multiple connected sources confirm the issue and its public di...
CVE-2024-4519
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /view/teachersalarydetails3.php. The manipulation of the argument month leads to cross site scripting. The attack may be...
CVE-2024-33405
SQL injection vulnerability in addfriends.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the friendindex parameter...
CVE-2024-33405
CVE-2024-33405 concerns the Campcodes Complete Web-Based School Management System 1.0. The vulnerability is an SQL injection in the add_friends.php script, exploitable via the friend_index parameter, allowing an attacker to execute arbitrary SQL commands. The description across connected document...
Sql injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacherlogin.php...
CVE-2024-25304
The CVE-2024-25304 affects Code-projects Simple School Management System 1.0, where an SQL Injection flaw exists in the School/index.php entry point via the 'apass' parameter. The root cause is lack of input validation for this parameter, enabling attackers to manipulate queries and potentially a...
CVE-2023-3310
A vulnerability, which was classified as critical, has been found in code-projects Agro-School Management System 1.0. Affected by this issue is some unknown functionality of the file loaddata.php. The manipulation of the argument subject/course leads to sql injection. The attack may be launched...
CVE-2023-3062
CVE-2023-3062 concerns code-projects Agro-School Management System v1.0. The vulnerability affects an unknown function in index.php where manipulating the password parameter leads to a SQL injection, enabling remote exploitation. Multiple sources (NVD/Red Hat/CVE listing) corroborate the critical...