Lucene search
K

4502 matches found

Nuclei
Nuclei
added yesterday55 views

Code-Projects School Fees Payment System 1.0 - SQL Injection

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS6.7AI score0.017EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday27 views

WordPress Easy Student Results <=2.2.8 - Improper Authorization

WordPress Easy Student Results plugin through 2.2.8 is susceptible to information disclosure. The plugin lacks authorization in its REST API, which can allow an attacker to retrieve sensitive information related to courses, exams, and departments, as well as student grades and information such as...

7.5CVSS7AI score0.02801EPSS
Exploits2References5
NVD
NVD
added 2 days ago5 views

CVE-2026-15492

A security vulnerability has been detected in igweze wizgrade up to b1d55f22b90cd7e7a6e5002f006d7c649e8086d6. This vulnerability affects unknown code of the file dashboard/studentConductManager.php. Such manipulation leads to cross site scripting. The attack may be performed from remote. The...

5.3CVSS0.00422EPSS
Exploits0References5
CVE
CVE
added 2 days ago14 views

CVE-2026-15492

The CVE-2026-15492 entry concerns Igweze WizGrade, affecting the file dashboard/studentConductManager.php. The vulnerability is a cross-site scripting flaw in an unknown code path of the application, with remote exploitation and public disclosure. The available data show a rolling-release deploym...

5.3CVSS4.6AI score0.00422EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago37 views

CVE-2026-15492 igweze wizgrade studentConductManager.php cross site scripting

A security vulnerability has been detected in igweze wizgrade up to b1d55f22b90cd7e7a6e5002f006d7c649e8086d6. This vulnerability affects unknown code of the file dashboard/studentConductManager.php. Such manipulation leads to cross site scripting. The attack may be performed from remote. The...

5.3CVSS0.00422EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/05 11:30 p.m.6 views

CVE-2026-14778

A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajaxenroll.php of the component Enrollment Management. The manipulation of the argument studentid/scheduleid/action leads to improper...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/07/05 11:30 p.m.13 views

CVE-2026-14778

The CVE concerns SourceCodester Onlne Examination & Learning Management System 1.0. The vulnerability is in the Enrollment Management component, specifically the /ajax_enroll.php file, where manipulation of the arguments student_id, schedule_id, or action leads to improper authorization. This all...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References6
NVD
NVD
added 2026/07/03 8:16 p.m.7 views

CVE-2026-14608

A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=viewstudent of the component POST Handler. The manipulation of the argument ID leads to authorization...

5.3CVSS0.00223EPSS
Exploits0References5
CVE
CVE
added 2026/07/03 8:0 p.m.14 views

CVE-2026-14608

SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0 is affected. The vulnerability resides in the POST Handler’s /index.php?action=view_student where manipulating the ID argument bypasses authorization. Remote exploitation is possible, and the exploit has been publicly di...

5.3CVSS5.6AI score0.00223EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55582

Name of the Vulnerable Software and Affected Versions SourceCodester CET Automated Grading System with AI Predictive Analytics version 1.0 Description An authorization bypass exists in the POST Handler component. Remote exploitation is possible by manipulating the ID variable within the...

5.3CVSS6AI score0.00223EPSS
Exploits0References10
CVE
CVE
added 2026/06/27 6:50 a.m.24 views

CVE-2026-11773

CVE-2026-11773 affects the Masteriyo LMS – LMS Course Builder, Quizzes & Certificates WordPress plugin (versions up to 2.2.1). The issue is an authorization bypass where the plugin fails to verify a user’s permission, enabling authenticated attackers with student-level access and above to modify ...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.14 views

PT-2026-53050

Name of the Vulnerable Software and Affected Versions Masteriyo LMS – LMS Course Builder, Quizzes & Certificates versions prior to 2.2.2 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. This allows...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References12
NVD
NVD
added 2026/06/26 11:16 a.m.9 views

CVE-2026-57912

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...

7.5CVSS0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 10:4 a.m.10 views

EUVD-2026-39643

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 10:4 a.m.8 views

CVE-2026-57912

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 10:4 a.m.17 views

CVE-2026-57912

This CVE concerns the Johnson & Johnson Campus Recruiting web application (pre-2025-10-31), where data provided by recruited students and notes entered by interviewers may be viewed by unauthorized parties. The vulnerability implies an exposure of personal/student data with no available details o...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 10:4 a.m.35 views

CVE-2026-57912

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...

7.5CVSS0.00245EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 8:16 p.m.13 views

CVE-2026-12529

A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. Affected is an unknown function of the file /index.php of the component Student Self-Registration Endpoint. The manipulation leads to improper access controls. Remote...

7.5CVSS0.00284EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/17 6:30 p.m.10 views

EUVD-2026-37780

A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. Affected is an unknown function of the file /index.php of the component Student Self-Registration Endpoint. The manipulation leads to improper access controls. Remote...

7.5CVSS7AI score0.00284EPSS
Exploits0References5
NVD
NVD
added 2026/06/17 10:54 a.m.13 views

CVE-2026-46849

Vulnerability in the PeopleSoft Enterprise CS Student Financials product of Oracle PeopleSoft component: Other. The supported version that is affected is 9.2.38. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise CS...

8.1CVSS0.00375EPSS
Exploits0References1
Rows per page
Query Builder