14 matches found
CVE-2024-25310
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."...
Sql injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5."...
CVE-2024-25313
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacherlogin.php...
CVE-2024-25308
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacherlogin.php...
CVE-2024-25304
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."...
Sql injection
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php."...
CVE-2024-25308
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacherlogin.php...
CVE-2024-25313
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacherlogin.php...
CVE-2024-25306
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php"...
CVE-2024-25306
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php"...
CVE-2024-25310
Code-projects Simple School Managment System 1.0 is affected by a SQL Injection in the endpoint School/delete.php?id=5. The vulnerability stems from unsanitized input in the id parameter, enabling arbitrary SQL execution with potential impact on confidentiality, integrity, and availability (CVSSv...
CVE-2024-25306
CVE-2024-25306 affects Code-projects Simple School Managment System 1.0. The vulnerability is a SQL injection via the aname parameter in School/index.php , caused by lack of input validation. Impact is described as high on confidentiality, integrity, and availability per CVSS 3.1 (AV:N/AC:L/PR:L/...
CVE-2024-25305
CVE-2024-25305 affects Code-projects Simple School Managment System 1.0. The issue is an authentication bypass via the username and password parameters on the School/index.php endpoint, enabling bypass of login to gain administrative access. The connected documents corroborate the vulnerability a...
CVE-2024-25312
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/subdelete.php?id=5."...