CVE-2025-67259

Affects ClassroomIO v0.1.13. A Broken Access Control vulnerability allows an authenticated low-privilege student to access unauthorized course information by altering intercepted API requests. Specifically, changing a captured POST request to a GET against the /rest/v1/course PostgREST endpoint e...

CVE-2026-0547

A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. This issue affects some unknown processing of the file /admin/edit-student-profile.php of the component Student Registration Page. The manipulation of the argument photo results in unrestricted upload. The attack may be...

CVE-2026-0547 PHPGurukul Online Course Registration Student Registration edit-student-profile.php unrestricted upload

A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. This issue affects some unknown processing of the file /admin/edit-student-profile.php of the component Student Registration Page. The manipulation of the argument photo results in unrestricted upload. The attack may be...

CVE-2026-0547

PHPGurukul Online Course Registration up to v3.1 contains a vulnerability in the admin/edit-student-profile.php component where manipulating the photo parameter allows unrestricted file uploads. The issue is exploitable remotely and exploits have been made public, enabling arbitrary files to be u...

PHPGurukul Online Course Registration 代码问题漏洞

PHPGurukul Online Course Registration is an online course registration system from PHPGurukul, Inc. A code issue vulnerability exists in PHPGurukul Online Course Registration 3.1 and earlier versions, which stems from incorrect manipulation of the parameter photo in the component student...

EUVD-2018-18679

Malware in sbrugna...

Library System profile.php file code issue vulnerability

Library System is a library system. Library System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /user/student/profile.php. An attacker can exploit this vulnerability to upload malicious files...

CVE-2024-5112

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/studentprofile.php. The manipulation of the argument stdindex leads to sql injection. The attack can be initiated...

CVE-2023-41506

An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVE-2021-29055

Cross Site Scripting XSS vulnerability in sourcecodester School File Management System 1.0 via the Firtstname parameter to the Update Account form in studentprofile.php...

Online Course Registration /edit-student-profile.php File SQL Injection Vulnerability

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cgpa in the file /edit-student-profile.php. An attacker can...

PHPGurukul Online Course Registration 注入漏洞

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cgpa in the file /edit-student-profile.php. An attacker can...

CVE-2025-4724

A vulnerability, which was classified as critical, has been found in itsourcecode Placement Management System 1.0. Affected by this issue is some unknown functionality of the file /studentprofile.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely...

itsourcecode Placement Management System 安全漏洞

itsourcecode Placement Management System is an open source placement management system from itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Placement Management System, which originates from a SQL injection due to incorrect manipulation of the parameter ID in the file...

CVE-2024-5113

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/studentprofile1.php. The manipulation of the argument stdindex leads to sql injection. The attack may be initiated...

CVE-2024-5112

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view/studentprofile.php. The manipulation of the argument stdindex leads to sql injection. The attack can be initiated...

PT-2024-34530 · Campcodes · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A critical issue has been discovered, affecting the /view/student profile.php file. The manipulation of the std index argument leads to SQL injection. This issue c...

Complete Web-Based School Management System SQL注入漏洞

Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. A SQL injection vulnerability exists in Campcodes Complete Web-Based School Management System version 1.0, which originates from an unknown function in /view/studentprofile.php that...

PT-2024-34532 · Campcodes · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A critical issue affects the processing of the file /view/student profile1.php, where the manipulation of the std index argument leads to SQL injection. The attack...

Complete Web-Based School Management System SQL注入漏洞

Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. A SQL injection vulnerability exists in Campcodes Complete Web-Based School Management System version 1.0, which originates from an unknown function in /view/studentprofile1.php that...