CVE-2026-11474

A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of the component Registration Endpoint. Performing a manipulation of the argument stimg results in...

CVE-2026-11474 Kushan2k student-management-system Registration Endpoint RegisterService.php unrestricted upload

A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of the component Registration Endpoint. Performing a manipulation of the argument stimg results in...

CVE-2026-11474

CVE-2026-11474 affects Kushan2k student-management-system (Registration Endpoint: RegisterService.php). The vulnerability arises from manipulating the stimg argument, enabling unrestricted file upload. Reported as remotely exploitable with public exploit, implying potential remote attacker impact...

PT-2026-47338

A vulnerability was detected in imvks786 student management system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting. It is possible to laun...

EUVD-2026-9136

A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2026-26695

code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/recordstudentedit.php...

CVE-2026-26695

The CVE-2026-26695 affects code-projects Simple Student Alumni System v1.0. The vulnerability is a SQL Injection in /TracerStudy/recordstudent_edit.php caused by insufficient input validation. This allows an attacker with network access (no authentication required) to manipulate database queries,...

CVE-2022-26633

Simple Student Quarterly Result/Grade System v1.0 was discovered to contain a SQL injection vulnerability via /sqgs/Actions.php...

itsourcecode Student Management System SQL注入漏洞

itsourcecode Student Management System is an open source student management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from incorrect manipulation of the parameter ID in the file /addrecord.php, which could...

EUVD-2024-55080

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php...

PT-2025-46971

Name of the Vulnerable Software and Affected Versions PHPGurukul Student Record Management System version 3.2.0 Description The PHPGurukul Student Record Management System version 3.2.0 is susceptible to SQL Injection. This issue affects the login.php file through the id and password parameters...

CVE-2024-44640

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...

CVE-2024-44636

CVE-2024-44636 affects PHPGurukul Student Record System 3.20. A SQL Injection flaw exists in /admin-profile.php, exploitable via the parameters adminname and aemailid . The vulnerability, confirmed across multiple sources, could allow an attacker to execute SQL commands and access database data. ...

PROLIZ OBS 跨站脚本漏洞

PROLIZ OBS is a student information system from PROLIZ Turkey. A cross-site scripting vulnerability exists in Proliz OBS versions prior to 25.0401 that stems from improper input neutralization during web page generation and could lead to a stored cross-site scripting attack...

CVE-2025-6914

A vulnerability classified as critical was found in PHPGurukul Student Record System 3.2. Affected by this vulnerability is an unknown functionality of the file /edit-student.php. The manipulation of the argument fmarks2 leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2025-4467 SourceCodester Online Student Clearance System edit-admin.php sql injection

A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument id/txtfullname/txtemail/cmddesignation leads to sql injection. The attack...

CVE-2025-4331 SourceCodester Online Student Clearance System login.php sql injection

A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Admin/login.php. The manipulation of the argument id/username/password leads to sql injection. The attack can be initiated remotely. The...

PHPGurukul Student Record System 注入漏洞

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter course-short in the file /add-course.php. An attacker can exploit this vulnerability to...

CVE-2025-4063

A vulnerability was found in code-projects Student Information Management System 1.0 and classified as critical. Affected by this issue is the function cancel. The manipulation of the argument firstname/lastname leads to stack-based buffer overflow. The attack needs to be approached locally. The...

CVE-2024-3533 Campcodes Complete Online Student Management System academic_year_view.php cross site scripting

A vulnerability classified as problematic was found in Campcodes Complete Online Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file academicyearview.php. The manipulation of the argument FirstRecord leads to cross site scripting. The attack can b...