32 matches found
CVE-2023-40946
Schoolmate 1.3 is vulnerable to SQL Injection in the variable $username from SESSION in ValidateLogin.php...
CVE-2023-40946
CVE-2023-40946 affects Schoolmate 1.3 with a SQL Injection in the SESSION variable $username used in ValidateLogin.php. The NVD entry lists CVSS v3.1: 9.8 (CRITICAL) with network attack vector, no user interaction, and no privileges required; impact to confidentiality, integrity, and availability...
CVE-2023-40944
CVE-2023-40944 affects Schoolmate 1.3 with a SQL Injection in the variable $schoolname used in the database query in header.php. The vulnerability is characterized as CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8 (CRITICAL). Connected sources corroborate the issue across multiple...
CVE-2023-39850
Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php...
CVE-2023-39850
Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php...
CVE-2023-39850
Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php...
Sql injection
Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php...
Schoolmate SQL注入漏洞
Schoolmate is a PHP/MySQL solution for elementary, middle and high schools from mrmunkey22 Individual Developer. A security vulnerability exists in Schoolmate v1.3 that stems from the $courseid and $teacherid parameters in DeleteFunctions.php containing multiple SQL injection vulnerabilities...
PT-2023-27134 · Unknown · Schoolmate
Name of the Vulnerable Software and Affected Versions: Schoolmate version 1.3 Description: The issue is related to multiple SQL injection vulnerabilities. These vulnerabilities can be exploited via the $courseid and $teacherid parameters at the DeleteFunctions.php file. There is no information...
CVE-2023-39850
CVE-2023-39850 : Schoolmate v1.3 contains multiple SQL injection vulnerabilities in DeleteFunctions.php, exploitable via the parameters $courseid and $teacherid. The NVD entry rates the impact as CRITICAL (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating potential high confidentiality, ...
CVE-2023-39850
Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php...
CVE-2023-39850
Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities via the $courseid and $teacherid parameters at DeleteFunctions.php...