36 matches found
WordPress Easy Student Results <=2.2.8 - Improper Authorization
WordPress Easy Student Results plugin through 2.2.8 is susceptible to information disclosure. The plugin lacks authorization in its REST API, which can allow an attacker to retrieve sensitive information related to courses, exams, and departments, as well as student grades and information such as...
CVE-2026-5531 SourceCodester Student Result Management System HTTP GET Request login_credentials.txt cleartext storage in file
A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /logincredentials.txt of the component HTTP GET Request Handler. The manipulation leads to cleartext storage in a file or on disk. The attack may be initiated remotel...
CVE-2026-4783
A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...
CVE-2026-4783
A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...
EUVD-2026-15180
A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...
CVE-2026-4783 itsourcecode College Management System Parameter add-single-student-results.php sql injection
A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...
PT-2026-27634
Name of the Vulnerable Software and Affected Versions itsourcecode College Management System version 1.0 Description A SQL injection issue exists in itsourcecode College Management System 1.0. The issue is located in the /admin/add-single-student-results.php file within the Parameter Handler...
CVE-2026-2938
A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/updatesmtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha...
CVE-2026-2912
CVE-2026-2912 affects code-projects Online Reviewer System v1.0. The vulnerability is in /system/system/students/assessments/results/studentresult-view.php, where manipulating the test_id argument triggers SQL injection. Exploitation is remote, and public exploitation has been reported. Multiple ...
PT-2026-21412
Name of the Vulnerable Software and Affected Versions code-projects Online Reviewer System version 1.0 Description A SQL injection issue exists in code-projects Online Reviewer System 1.0. The issue is located in the file /system/system/students/assessments/results/studentresult-view.php...
CVE-2025-11551
A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...
EUVD-2022-34645
Malicious code in bioql PyPI...
PHPGurukul Student Result Management System 注入漏洞
Student Result Management System is a student result management system. Student Result Management System suffers from a SQL injection vulnerability that stems from an error in the parameter nid in the file /notice-details.php that lacks validation of externally entered SQL statements. An attacker...
SourceCodester Student Result Management System 安全漏洞
SourceCodester Student Result Management System is an open source student result management system from SourceCodester. A security vulnerability exists in SourceCodester Student Result Management System version 1.0, which originates from a cross-site scripting attack due to a misuse of the file...
CVE-2022-2378
The Easy Student Results WordPress plugin through 2.2.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2024-1022
A vulnerability, which was classified as problematic, was found in CodeAstro Simple Student Result Management System 5.6. This affects an unknown part of the file /addclasses.php of the component Add Class Page. The manipulation of the argument Class Name leads to cross site scripting. It is...
Projectworlds Student Result Management System SQL Injection Vulnerability
Projectworlds Student Result Management System is a student result management system from Projectworlds India. A SQL injection vulnerability exists in Projectworlds Student Result Management System v1.0, which stems from the "classname" parameter of addresults.php not validating the received...
CVE-2022-2379
The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc...
CVE-2022-2379
The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc...
CVE-2022-2378
The Easy Student Results WordPress plugin through 2.2.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...