CVE-2024-10447

A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. Affected by this vulnerability is an unknown functionality of the file /timetable/staff/staffdashboard.php?info=updateprofile. The manipulation of the argument n leads to sql injection. The attack...

Cross-site Scripting (XSS) - Reflected in gibbonedu/core

Description There's a reflected xss in the tab parameter in both the student dashboard and the staff dashboard Proof of Concept Visit http://localhost/gibon/index.php?tab=asd%3C/script%3E%3Csvg/onload=alert1%3E Impact This vulnerability is result to xss which then can be used to achieve more thin...