Lucene search
K

36 matches found

Nuclei
Nuclei
added 6 hours ago21 views

WordPress Easy Student Results <=2.2.8 - Improper Authorization

WordPress Easy Student Results plugin through 2.2.8 is susceptible to information disclosure. The plugin lacks authorization in its REST API, which can allow an attacker to retrieve sensitive information related to courses, exams, and departments, as well as student grades and information such as...

7.5CVSS7.1AI score0.02801EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2026/04/05 1:0 a.m.3 views

CVE-2026-5531 SourceCodester Student Result Management System HTTP GET Request login_credentials.txt cleartext storage in file

A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /logincredentials.txt of the component HTTP GET Request Handler. The manipulation leads to cleartext storage in a file or on disk. The attack may be initiated remotel...

6.9CVSS5.6AI score0.00204EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.5 views

CVE-2026-4783

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 1:17 a.m.5 views

CVE-2026-4783

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...

6.5CVSS0.00196EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/25 12:32 a.m.2 views

EUVD-2026-15180

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/25 12:32 a.m.31 views

CVE-2026-4783 itsourcecode College Management System Parameter add-single-student-results.php sql injection

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...

6.5CVSS0.00196EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.5 views

PT-2026-27634

Name of the Vulnerable Software and Affected Versions itsourcecode College Management System version 1.0 Description A SQL injection issue exists in itsourcecode College Management System 1.0. The issue is located in the /admin/add-single-student-results.php file within the Parameter Handler...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/02/23 1:31 p.m.2 views

CVE-2026-2938

A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/updatesmtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha...

7.5CVSS6.9AI score0.00567EPSS
Exploits1References1
CVE
CVE
added 2026/02/22 3:32 a.m.15 views

CVE-2026-2912

CVE-2026-2912 affects code-projects Online Reviewer System v1.0. The vulnerability is in /system/system/students/assessments/results/studentresult-view.php, where manipulating the test_id argument triggers SQL injection. Exploitation is remote, and public exploitation has been reported. Multiple ...

9.8CVSS7.2AI score0.0033EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.7 views

PT-2026-21412

Name of the Vulnerable Software and Affected Versions code-projects Online Reviewer System version 1.0 Description A SQL injection issue exists in code-projects Online Reviewer System 1.0. The issue is located in the file /system/system/students/assessments/results/studentresult-view.php...

9.8CVSS7AI score0.0033EPSS
Exploits1References12
OSV
OSV
added 2025/10/09 6:15 p.m.3 views

CVE-2025-11551

A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

9.8CVSS5.7AI score0.00359EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.1 views

EUVD-2022-34645

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.0051EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/07/13 12:0 a.m.4 views

PHPGurukul Student Result Management System 注入漏洞

Student Result Management System is a student result management system. Student Result Management System suffers from a SQL injection vulnerability that stems from an error in the parameter nid in the file /notice-details.php that lacks validation of externally entered SQL statements. An attacker...

9.8CVSS8AI score0.00448EPSS
Exploits2References6
CNNVD
CNNVD
added 2025/06/22 12:0 a.m.4 views

SourceCodester Student Result Management System 安全漏洞

SourceCodester Student Result Management System is an open source student result management system from SourceCodester. A security vulnerability exists in SourceCodester Student Result Management System version 1.0, which originates from a cross-site scripting attack due to a misuse of the file...

4.8CVSS3.9AI score0.0025EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:46 p.m.4 views

CVE-2022-2378

The Easy Student Results WordPress plugin through 2.2.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.5AI score0.0051EPSS
Exploits2References1
OSV
OSV
added 2024/01/29 11:15 p.m.4 views

CVE-2024-1022

A vulnerability, which was classified as problematic, was found in CodeAstro Simple Student Result Management System 5.6. This affects an unknown part of the file /addclasses.php of the component Add Class Page. The manipulation of the argument Class Name leads to cross site scripting. It is...

4.8CVSS3.9AI score0.00539EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/12/21 12:0 a.m.4 views

Projectworlds Student Result Management System SQL Injection Vulnerability

Projectworlds Student Result Management System is a student result management system from Projectworlds India. A SQL injection vulnerability exists in Projectworlds Student Result Management System v1.0, which stems from the "classname" parameter of addresults.php not validating the received...

9.8CVSS7.9AI score0.00671EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/08/15 11:21 a.m.1 views

CVE-2022-2379

The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc...

7.5CVSS5.9AI score0.02801EPSS
Exploits2References3
NVD
NVD
added 2022/08/15 11:21 a.m.24 views

CVE-2022-2379

The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc...

7.5CVSS0.02801EPSS
Exploits2References1
OSV
OSV
added 2022/08/15 11:21 a.m.1 views

CVE-2022-2378

The Easy Student Results WordPress plugin through 2.2.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

6.1CVSS5.8AI score0.0051EPSS
Exploits2References1
Rows per page
Query Builder