CVE-2026-9471 yashpokharna2555 StudentManagementSystem student.php cross site scripting

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRSTNAME results in cross site scripting. The attack can be initiated remotely...

CVE-2026-9471

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRSTNAME results in cross site scripting. The attack can be initiated remotely...

CVE-2026-9471 yashpokharna2555 StudentManagementSystem student.php cross site scripting

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRSTNAME results in cross site scripting. The attack can be initiated remotely...

EUVD-2025-202199

OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users...

CVE-2025-65594

OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users...

PT-2025-50207

Name of the Vulnerable Software and Affected Versions OpenSIS versions 9.2 and below Description An issue exists in OpenSIS that relates to incorrect access control within the Student.php component. An authenticated user with limited privileges can perform unauthorized database write operations...

CVE-2025-7173

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-7173

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-7173 code-projects Library System add-student.php sql injection

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

CVE-2025-7173 code-projects Library System add-student.php sql injection

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

code-projects Library System 安全漏洞

Library System is a library system. The Library System suffers from a SQL injection vulnerability that stems from the lack of validation of the parameter Username in the file /add-student.php for externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL...

PHPGurukul Student Record System 注入漏洞

PHPGurukul Student Record System is an application from PHPGurukul Inc. An injection vulnerability exists in version 3.2 of the PHPGurukul Student Record System, which results from SQL injection due to incorrect manipulation of parameter fmarks2 in file /edit-student.php...

CVE-2025-6569

The CVE-2025-6569 entry applies to code-projects School Fees Payment System 1.0. Affected is the /student.php functionality where manipulating parameters (sname, contact, about, emailid, transcation_remark) triggers cross-site scripting. The vulnerability can be exploited remotely and public expl...

CVE-2025-6569 code-projects School Fees Payment System student.php cross site scripting

A vulnerability classified as problematic was found in code-projects School Fees Payment System 1.0. Affected by this vulnerability is an unknown functionality of the file /student.php. The manipulation of the argument sname/contact/about/emailid/transcationremark leads to cross site scripting. T...

CVE-2025-6403 code-projects School Fees Payment System student.php sql injection

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-2973

A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0. This affects an unknown part of the file /Admin/student.php. The manipulation of the argument profileimage leads to unrestricted upload. It is possible to initiate the attack remotely. The...

CVE-2025-22924

OS4ED openSIS v7.0 through v9.1 contains a SQL injection vulnerability via the stuid parameter at /modules/students/Student.php...

CVE-2024-10736

A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2024-10736 Codezips Free Exam Hall Seating Management System student.php sql injection

A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2024-10736

CVE-2024-10736 affects Codezips Free Exam Hall Seating Management System 1.0. The vulnerability is in /student.php via the email parameter, enabling SQL injection. Attack can be remote; exploit has been disclosed publicly. Impact is substantial (data exposure/integrity/availability). According to...