65 matches found
CVE-2026-2201
A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cros...
CVE-2026-2201 ZeroWdd studentmanager LeaveController.java addLeave cross site scripting
A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cros...
CVE-2026-2201
CVE-2026-2201 affects ZeroWdd studentmanager. The flaw is in LeaveController.addLeave where manipulating the Reason for Leave parameter triggers cross-site scripting. Attack may be remote; exploit disclosed publicly. No specific affected version information is provided; project has not been activ...
EUVD-2024-51375
Malicious code in bioql PyPI...
EUVD-2023-42841
Malicious code in bioql PyPI...
EUVD-2025-15042
Malicious code in bioql PyPI...
EUVD-2025-15041
Malicious code in bioql PyPI...
EUVD-2024-51376
Malicious code in bioql PyPI...
EUVD-2024-51367
Malicious code in bioql PyPI...
EUVD-2024-51366
Malicious code in bioql PyPI...
EUVD-2025-15040
Malicious code in bioql PyPI...
CVE-2024-13133
A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController. java. The manipulation of the argument file leads to unrestricted...
CVE-2024-13142
A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controller/RoleController. java. The manipulation of the argument name leads to cross site scripting. The...
CVE-2024-13134
A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It i...
CVE-2025-3587
A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-3564
A vulnerability classified as problematic has been found in huanfenz/code-projects StudentManager up to 1.0. This affects an unknown part of the component Teacher String Handler. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-3587
A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-3587
A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-3587 ZeroWdd/code-projects studentmanager getTeacherList improper authorization
A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-3587
CVE-2025-3587 affects ZeroWdd/code-projects studentmanager version 1.0. The vulnerability involves improper authorization in the /getTeacherList file, allowing a remote attacker to exploit it. Public disclosures imply exploitable conditions. CVSS base impact ratings from sources include High conf...