CVE-2026-10808

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown function of the file /managestudent.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be use...

CVE-2026-36874

Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/loadstudent.php...

CVE-2025-14663

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

Code-Projects Student File Management System 代码注入漏洞

Student File Management System is a student file management system. Student File Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /admin/updatestudent.php, which can be exploited by a...

CVE-2025-14623

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/updatestudent.php. This manipulation of the argument studid causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

CVE-2025-11347

A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function moveuploadedfile of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated...

EUVD-2025-32611

A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function moveuploadedfile of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated...

CVE-2025-11347

CVE-2025-11347 affects code-projects Student Crud Operation up to 3.3, where the function move_uploaded_file in add.php allows unrestricted file upload. The vulnerability can be triggered remotely and the exploit has been publicized. Affected versions are stated as up to 3.3; sources suggest that...

PT-2025-40957

Name of the Vulnerable Software and Affected Versions code-projects Student Crud Operation versions up to 3.3 Description A flaw exists in code-projects Student Crud Operation that allows for unrestricted file uploads. This is due to manipulation of the move uploaded file function within the...

EUVD-2025-26233

Malicious code in bioql PyPI...

CVE-2025-11061

A vulnerability was found in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/editstudent.php. Performing manipulation of the argument cys results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public...

CVE-2025-9665

A weakness has been identified in code-projects Simple Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /editstudent.php of the component Admin Panel. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The...

CVE-2025-9665

The CVE covers code-projects Simple Grading System 1.0, where the Admin Panel’s /edit_student.php contains a vulnerability in the ID parameter that allows SQL injection. This is exploitable remotely, with public exploit material available. Affected component is the Admin Panel through an unknown ...

Library System add-student.php File SQL Injection Vulnerability

Library System is a library system. The Library System suffers from a SQL injection vulnerability that stems from the lack of validation of the parameter Username in the file /add-student.php for externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL...

CVE-2024-57459

A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands...

CloudClassroom-PHP-Project SQL注入漏洞

CloudClassroom-PHP-Project is a cloud classroom website by the individual developer Vishal Mathur. A security vulnerability exists in CloudClassroom-PHP-Project version 1.0, which stems from insufficient validation of the myds parameter in mydetailsstudent.php, which could lead to a SQL injection...

CVE-2024-7192

A vulnerability, which was classified as critical, was found in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/student.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit...

CVE-2024-6277 lahirudanushka School Management System Student Page student.php sql injection

A vulnerability, which was classified as critical, was found in lahirudanushka School Management System 1.0.0/1.0.1. Affected is an unknown function of the file student.php of the component Student Page. The manipulation of the argument update leads to sql injection. It is possible to launch the...

CVE-2024-6277 lahirudanushka School Management System Student Page student.php sql injection

A vulnerability, which was classified as critical, was found in lahirudanushka School Management System 1.0.0/1.0.1. Affected is an unknown function of the file student.php of the component Student Page. The manipulation of the argument update leads to sql injection. It is possible to launch the...

PT-2024-37505 · Unknown · Lahirudanushka School Management System

Name of the Vulnerable Software and Affected Versions: lahirudanushka School Management System versions 1.0.0 through 1.0.1 Description: A critical issue was found in the Student Page component of the lahirudanushka School Management System, specifically in the file student.php. The manipulation ...