CVE-2026-10169

The CVE describes a weakness in the Forgot Password Endpoint of OUSL-GROUP-BrinaryBrains School Student Management System. The vulnerability affects the function ajax_forgot_password in application/controllers/Login.php, where manipulation of the email parameter enables weak password recovery. It...

PT-2026-45171

A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file application/controllers/Parents.php. The manipulation of the argument param1 leads to improper control...

CVE-2026-7545

A weakness has been identified in SourceCodester Advanced School Management System 1.0. The affected element is an unknown function of the file commonController.php of the component checkEmail Endpoint. This manipulation causes sql injection. Remote exploitation of the attack is possible. The...

CVE-2025-65134

In manikandan580 School-management-system 1.0, a reflected cross-site scripting XSS vulnerability exists in /studentms/admin/contact-us.php via the email POST parameter...

CVE-2026-1590 itsourcecode School Management System index.php sql injection

A vulnerability was identified in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/faculty/index.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...

PT-2026-3504

A security flaw has been discovered in itsourcecode School Management System 1.0. Affected is an unknown function of the file /subject/index.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to...

CVE-2025-13784

A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...

yungifez Skuul School Management System vulnerable to XSS via SVG

A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...

CVE-2025-11659

A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unknown functionality of the file /assets/uploadNotes.php. This manipulation of the argument File causes unrestricted upload. Remote...

EUVD-2024-49359

Malicious code in bioql PyPI...

EUVD-2024-49163

Malicious code in bioql PyPI...

EUVD-2024-44250

Malicious code in bioql PyPI...

SourceCodester Advanced School Management System 安全漏洞

SourceCodester Advanced School Management System is an advanced school management system from SourceCodester open source. A security vulnerability exists in SourceCodester Advanced School Management System version 1.0, which stems from cross-site scripting due to incorrect manipulation of the...

PT-2025-26633 · Unknown · Phpgurukul Pre-School Enrollment System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Pre-School Enrollment System Project version V1.0 Description: The issue concerns a Directory Traversal vulnerability in the update-teacher-pic.php file. This allows for potential unauthorized access to sensitive files and...

CVE-2025-6321 PHPGurukul Pre-School Enrollment System add-subadmin.php sql injection

A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument sadminusername leads to sql injection. The attack can be...

CVE-2025-6319

A vulnerability, which was classified as critical, has been found in PHPGurukul Pre-School Enrollment System 1.0. This issue affects some unknown processing of the file /admin/add-teacher.php. The manipulation of the argument tsubject leads to sql injection. The attack may be initiated remotely...

PT-2025-26292 · Unknown · Phpgurukul Pre-School Enrollment System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Pre-School Enrollment System version 1.0 Description: A critical vulnerability has been found in the PHPGurukul Pre-School Enrollment System. The issue affects an unknown functionality of the file /admin/add-subadmin.php, where the...

PHPGurukul Pre-School Enrollment System 注入漏洞

Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter sadminusername in the file...

PT-2025-26291 · Unknown · Phpgurukul Pre-School Enrollment System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Pre-School Enrollment System version 1.0 Description: A critical vulnerability was found in the PHPGurukul Pre-School Enrollment System. The issue is related to an unknown function of the file /admin/add-class.php, where the...

CVE-2024-5239

A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view/timetableupdateform.php. The manipulation of the argument grade leads to sql injection. The attack can be initiated...