CVE-2026-9574

The CVE-2026-9574 entry concerns itsourcecode Student Transcript Processing System 1.0. A flaw in the /admin/modules/student/trans.php component allows SQL injection by manipulating the argument studentId/cid. It is exploitable remotely, and the exploit has been published, indicating potential fo...

CVE-2026-9573 itsourcecode Student Transcript Processing System index.php sql injection

A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated remotely. The explo...

itsourcecode Student Transcript Processing System SQL注入漏洞

itsourcecode Student Transcript Processing System is an open-source student transcript processing system developed by itsourcecode. Version 1.0 of the itsourcecode Student Transcript Processing System has a SQL injection vulnerability. This vulnerability arises from unknown code in the...

EUVD-2019-19241

Malware in sbrugna...

EUVD-2018-9324

Malware in sbrugna...

EUVD-2025-12340

Malicious code in bioql PyPI...

CVE-2025-9837

A vulnerability was determined in itsourcecode Student Information Management System 1.0. This issue affects some unknown processing of the file /admin/modules/student/index.php. This manipulation of the argument studentId causes sql injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-9837 itsourcecode Student Information Management System index.php sql injection

A vulnerability was determined in itsourcecode Student Information Management System 1.0. This issue affects some unknown processing of the file /admin/modules/student/index.php. This manipulation of the argument studentId causes sql injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-9837 itsourcecode Student Information Management System index.php sql injection

A vulnerability was determined in itsourcecode Student Information Management System 1.0. This issue affects some unknown processing of the file /admin/modules/student/index.php. This manipulation of the argument studentId causes sql injection. The attack may be initiated remotely. The exploit ha...

SpringBoot-Vue-OnlineExam 安全漏洞

SpringBoot-Vue-OnlineExam is an online exam system by Yu Personal Developer. A security vulnerability exists in SpringBoot-Vue-OnlineExam version 1.0, which stems from an unauthenticated password change due to manipulation of the studentId parameter in file/api/studentPWD...

CVE-2025-3205

A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2024-33982

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'StudentID' parameter in...

CVE-2024-33982 Cross-Site Scripting (XSS) vulnerability in Janobe products

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'StudentID' parameter in...

CVE-2024-33982

The CVE-2024-33982 entry corresponds to an XSS flaw in School Attendance Monitoring System v1.0 and School Event Management System v1.0. The vulnerability arises from unsafely handling the StudentID parameter in /AttendanceMonitoring/student/controller.php, enabling an attacker to craft a URL to ...

CVE-2024-33982 Cross-Site Scripting (XSS) vulnerability in Janobe products

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'StudentID' parameter in...

PayPal,Credit Card and Debit Card Payment SQL注入漏洞

PayPal,Credit Card and Debit Card Payment is a PayPal, Credit Card and Debit Card Payment software by janobe individual developer. A SQL injection vulnerability exists in PayPal,Credit Card and Debit Card Payment version 1.0. An attacker can use this vulnerability to send a specially crafted quer...

PT-2024-25614 · Unknown · School Management System +1

Name of the Vulnerable Software and Affected Versions: School Attendance Monitoring System version 1.0 School Event Management System version 1.0 Description: A Cross-Site Scripting XSS issue affects the system, allowing an attacker to create a specially crafted URL and send it to a victim to...

Information leakage vulnerability in smart bill payment platforms

Guilin Jiapeng Information Technology Co., Ltd. is a company that gathers high-quality software development talents and marketing talents and focuses on the development and application of college management software. There is an information leakage vulnerability in the smart fee payment platform...

CVE-2019-9885

eClass platform ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenviewleft.php StudentID parameter...

CVE-2019-9885 eClass platform contains a SQL injection vulnerability

eClass platform ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenviewleft.php StudentID parameter...