PT-2026-36292

Name of the Vulnerable Software and Affected Versions SourceCodester Advanced School Management System version 1.0 Description A SQL injection flaw exists in the 'checkEmail' endpoint within the commonController.php file. This issue allows remote attackers to manipulate database queries through a...

EUVD-2024-25375

Malicious code in bioql PyPI...

EUVD-2024-48186

Malicious code in bioql PyPI...

EUVD-2023-23902

Malicious code in bioql PyPI...

EUVD-2024-48133

Malicious code in bioql PyPI...

EUVD-2024-48137

Malicious code in bioql PyPI...

EUVD-2025-28878

Malicious code in bioql PyPI...

CVE-2025-9306 SourceCodester Advanced School Management System addNotice cross site scripting

A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely...

CVE-2024-24142

Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter...

CVE-2024-7166

A vulnerability was found in SourceCodester School Fees Payment System 1.0. It has been classified as critical. Affected is an unknown function of the file /receipt.php. The manipulation of the argument efid leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...

CVE-2024-28276

Sourcecodester School Task Manager 1.0 is vulnerable to Cross Site Scripting XSS via add-task.php?taskname=...

CVE-2024-28277

In Sourcecodester School Task Manager v1.0, a vulnerability was identified within the subjectname= parameter, enabling Stored Cross-Site Scripting XSS attacks. This vulnerability allows attackers to manipulate the subject's name, potentially leading to the execution of malicious JavaScript payloa...

CVE-2024-7221

A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. This affects an unknown part of the file /admin/manageuser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and...

CVE-2024-7221 SourceCodester/Campcodes School Log Management System manage_user.php sql injection

A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. This affects an unknown part of the file /admin/manageuser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and...

CVE-2024-7221 SourceCodester/Campcodes School Log Management System manage_user.php sql injection

A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. This affects an unknown part of the file /admin/manageuser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and...

CVE-2024-7220

A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/printbarcode.php. The manipulation of the argument tbl results in sql injection. It is possible to launch the attack remotely. The exploi...

CVE-2024-7220 SourceCodester/Campcodes School Log Management System print_barcode.php sql injection

A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/printbarcode.php. The manipulation of the argument tbl results in sql injection. It is possible to launch the attack remotely. The exploi...

CVE-2024-7220 SourceCodester/Campcodes School Log Management System print_barcode.php sql injection

A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/printbarcode.php. The manipulation of the argument tbl results in sql injection. It is possible to launch the attack remotely. The exploi...

CVE-2024-7220

CVE-2024-7220 affects SourceCodester/Campcodes School Log Management System 1.0. An SQL injection vulnerability exists in the /admin/print_barcode.php page where manipulation of the tbl argument enables remote exploitation. Multiple sources confirm the vulnerability, with exploit public and impac...

CVE-2024-7218

CVE-2024-7218 affects SourceCodester Campcodes School Log Management System 1.0. The vulnerability is in the /admin/ajax.php?action=save_student endpoint; manipulating the name parameter can trigger cross-site scripting. The attack is remote, and exploits have been published. Related advisories (...