CVE-2026-9573

A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated remotely. The explo...

EUVD-2026-31958

A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated remotely. The explo...

itsourcecode Student Transcript Processing System SQL注入漏洞

itsourcecode Student Transcript Processing System is an open-source student transcript processing system developed by itsourcecode. Version 1.0 of the itsourcecode Student Transcript Processing System has a SQL injection vulnerability. This vulnerability arises from improper handling of the...

EUVD-2026-9143

A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...

itsourcecode Society Management System SQL注入漏洞

itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter studentid in the file...

EUVD-2026-4952

A vulnerability was detected in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editstudentquery.php. The manipulation of the argument studentid results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2025-14646 code-projects Student File Management System delete_student.php sql injection

A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/deletestudent.php. The manipulation of the argument studid results in sql injection. The attack may be performed from remote. The exploit has been released ...

EUVD-2025-29726

Malicious code in bioql PyPI...

CVE-2025-10593 SourceCodester Online Student File Management System update_student.php sql injection

A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/updatestudent.php. Performing manipulation of the argument studid results in sql injection. It is possible to initiate the attack remotely. The exploit is n...

Online Library Management System /admin/student-history.php File SQL Injection Vulnerability

Online Library Management System is an online library management system. A SQL injection vulnerability exists in Online Library Management System, which originates from the lack of validation of externally-entered SQL statements in the parameter stdid in the file /admin/student-history.php. An...

Online Library Management System Cross-Site Scripting Vulnerability

Online Library Management System is an online library management system. Online Library Management System has a cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the parameter stdid in the file...

PHPGurukul Online Library Management System 代码注入漏洞

Online Library Management System is an online library management system. Online Library Management System has a cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the parameter stdid in the file...

School Fees Payment System student.php File SQL Injection Vulnerability

School Fees Payment System is a tuition payment system. The School Fees Payment System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter ID of the file /student.php. An attacker can exploit this vulnerability...

VulnCheck KEV: CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

Open Solutions For Education OS4Ed OpenSIS SQL注入漏洞

Open Solutions For Education OS4Ed OpenSIS is commercial grade, secure, scalable and intuitive student information system, school management software from Open Solutions For Education, USA. With all the features to run single or multiple organizations in one installation. Web-based, php code, MyS...

CVE-2024-33982

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'StudentID' parameter in...

Design/Logic Flaw

An Insecure Direct Object Reference IDOR issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information final grades, study courses, degrees by changing the student ID parameter in the HTTP POST request to the FrontControllerSS...

openSIS SQL注入漏洞

Open Solutions For Education openSIS is an open source student information management system from Open Solutions For Education. openSIS version 8.0 has a SQL injection vulnerability that originates from the parameter studentid in /modules/eligibility/Student.php that can be used for SQL injection...

CVE-2019-9885

eClass platform ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenviewleft.php StudentID parameter...