Lucene search
K

4245 matches found

Cvelist
Cvelist
added 2026/04/28 12:0 a.m.35 views

CVE-2026-37750

A reflected Cross-Site Scripting XSS vulnerability in School Management System by mahmoudai1 allows unauthenticated remote attackers to execute arbitrary JavaScript in victim's browsers via the unsanitized type parameter in register.php...

0.0037EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.11 views

School Management System 安全漏洞

School Management System is a school management system developed by ManiKandan G, based on PHP and MySQL. There is a security vulnerability in School Management System, which stems from the uncleaned type parameter in the register.php file. This vulnerability could allow unauthorized remote...

6.1CVSS6.1AI score0.0037EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/28 12:0 a.m.5 views

CVE-2026-37750

A reflected Cross-Site Scripting XSS vulnerability in School Management System by mahmoudai1 allows unauthenticated remote attackers to execute arbitrary JavaScript in victim's browsers via the unsanitized type parameter in register.php...

5.8AI score0.0037EPSS
Exploits1References3
MSRC
MSRC
added 2026/04/22 12:0 a.m.8 views

From first report to MVR: Harun’s path in cloud security research

Harun’s relationship with technology began early, driven by curiosity rather than obligation. While still in high school, he taught himself Pascal and C simply because he wanted to understand how things worked. Those languages never became central to his professional career, but they shaped how h...

5.7AI score
Exploits0
EUVD
EUVD
added 2026/04/20 3:34 a.m.6 views

EUVD-2026-23743

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument busid leads to sql...

7.5CVSS5.6AI score0.00259EPSS
Exploits0References5
NVD
NVD
added 2026/04/20 3:16 a.m.11 views

CVE-2026-6595

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument busid leads to sql...

7.5CVSS0.00259EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/20 2:0 a.m.8 views

CVE-2026-6595

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument busid leads to sql...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/20 2:0 a.m.31 views

CVE-2026-6595 ProjectsAndPrograms School Management System HTTP GET Parameter buslocation.php sql injection

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument busid leads to sql...

7.5CVSS0.00259EPSS
Exploits0References4
CVE
CVE
added 2026/04/20 2:0 a.m.17 views

CVE-2026-6595

ProjectsAndPrograms School Management System, up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59, contains a vulnerability in buslocation.php (HTTP GET Parameter Handler). Manipulating the bus_id parameter causes an SQL injection, with remote attack possible and a publicly available exploit. The prod...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/20 2:0 a.m.5 views

CVE-2026-6595 ProjectsAndPrograms School Management System HTTP GET Parameter buslocation.php sql injection

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument busid leads to sql...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.12 views

School Management System 安全漏洞

School Management System is a school management system developed by ManiKandan G, based on PHP and MySQL. There is a security vulnerability in School Management System, which stems from incorrect handling of the busid parameter in the buslocation.php file, potentially leading to SQL injection...

7.5CVSS7.2AI score0.00259EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.8 views

PT-2026-33690

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument bus id leads to sql...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/04/16 7:29 p.m.106 views

Exploit for CVE-2026-37750

CVE-2026-37750 CVE-2026-37750 — School Management System 1...

5.8AI score0.0037EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/16 1:22 p.m.7 views

CVE-2025-65133

A SQL injection vulnerability exists in the School Management System version 1.0 by manikandan580. An unauthenticated or authenticated remote attacker can supply a crafted HTTP request to the affected endpoint to manipulate SQL query logic and extract sensitive database information...

9.8CVSS5.9AI score0.00526EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/14 6:30 p.m.5 views

EUVD-2025-209447

In manikandan580 School-management-system 1.0, a reflected XSS vulnerability exists in /studentms/admin/contact-us.php via the pagedes POST parameter...

6.1CVSS5.8AI score0.00181EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/14 6:30 p.m.6 views

EUVD-2025-209444

A SQL injection vulnerability exists in the School Management System version 1.0 by manikandan580. An unauthenticated or authenticated remote attacker can supply a crafted HTTP request to the affected endpoint to manipulate SQL query logic and extract sensitive database information...

5.9AI score0.00526EPSS
Exploits1References2
NVD
NVD
added 2026/04/14 4:16 p.m.7 views

CVE-2025-65133

A SQL injection vulnerability exists in the School Management System version 1.0 by manikandan580. An unauthenticated or authenticated remote attacker can supply a crafted HTTP request to the affected endpoint to manipulate SQL query logic and extract sensitive database information...

9.8CVSS0.00526EPSS
Exploits1References2
NVD
NVD
added 2026/04/14 4:16 p.m.7 views

CVE-2025-65136

In manikandan580 School-management-system 1.0, a reflected XSS vulnerability exists in /studentms/admin/contact-us.php via the pagedes POST parameter...

6.1CVSS0.00181EPSS
Exploits1References1
NVD
NVD
added 2026/04/14 4:16 p.m.4 views

CVE-2025-65134

In manikandan580 School-management-system 1.0, a reflected cross-site scripting XSS vulnerability exists in /studentms/admin/contact-us.php via the email POST parameter...

6.1CVSS0.00181EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.4 views

PT-2026-32657

A SQL injection vulnerability exists in the School Management System version 1.0 by manikandan580. An unauthenticated or authenticated remote attacker can supply a crafted HTTP request to the affected endpoint to manipulate SQL query logic and extract sensitive database information...

9.8CVSS5.9AI score0.00526EPSS
Exploits1References4
Rows per page
Query Builder