Lucene search
+L

383 matches found

NVD
NVD
added 2025/09/15 1:15 a.m.7 views

CVE-2025-10418

A weakness has been identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewstudents.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been made availab...

8.8CVSS0.00351EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/15 12:32 a.m.5 views

CVE-2025-10418 SourceCodester Student Grading System view_students.php sql injection

A weakness has been identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewstudents.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been made availab...

6.5CVSS6.4AI score0.00351EPSS
Exploits1References5
CVE
CVE
added 2025/09/15 12:32 a.m.26 views

CVE-2025-10418

CVE-2025-10418 affects SourceCodester Student Grading System 1.0. The vulnerability lies in /view_students.php where manipulation of the ID parameter causes SQL injection. Exploitation can be performed remotely and publicly available exploit code exists. Impact is high for confidentiality, integr...

8.8CVSS6.4AI score0.00351EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.9 views

PT-2025-37438

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Grading System version 1.0 Description: A SQL injection weakness exists in the /view students.php file of the application. Manipulation of the ID argument can trigger the injection. This issue can be exploited remotely...

8.8CVSS6.5AI score0.00351EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.6 views

SourceCodester Student Grading System SQL注入漏洞

SourceCodester Student Grading System is a SourceCodester open source student grading system. A SQL injection vulnerability exists in SourceCodester Student Grading System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /viewstudents.php, which could lead to a...

8.8CVSS6.9AI score0.00351EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/08/16 3:38 a.m.3 views

CVE-2025-6079 School Management System <= 93.2.0 - Authenticated (Student+) Arbitrary File Upload

The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and abov...

8.8CVSS6.6AI score0.00557EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/07 12:0 a.m.3 views

Student Attendance Management System 安全漏洞

Student Attendance Management System is a student attendance management system by rickxy individual developer. A security vulnerability exists in Student Attendance Management System v1. The vulnerability stems from SQL injection due to incorrect manipulation of the parameters Id, firstname and...

8.8CVSS7.7AI score0.00302EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.9 views

CVE-2025-50869

A stored Cross-Site Scripting XSS vulnerability exists in the qureydetails.php page of Institute-of-Current-Students 1.0, where the input fields for Query and Answer do not properly sanitize user input. Authenticated users can inject arbitrary JavaScript code...

6.1CVSS5.3AI score0.0019EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/01 12:0 a.m.5 views

Institute-of-Current-Students 安全漏洞

Institute-of-Current-Students is a school management website by the individual developer Vishal Mathur. A security vulnerability exists in version 1.0 of Institute-of-Current-Students, which stems from insufficient cleanup of the Query and Answer input fields in the file querydetails.php, which...

6.1CVSS6.1AI score0.0019EPSS
Exploits0References3
CVE
CVE
added 2025/08/01 12:0 a.m.16 views

CVE-2025-50869

CVE-2025-50869 is a stored XSS vulnerability in Institute-of-Current-Students 1.0, located in the qureydetails.php page. The input fields for Query and Answer are not properly sanitized, allowing authenticated users to inject arbitrary JavaScript code. Public documentation in connected sources co...

6.1CVSS5.8AI score0.0019EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/07/25 4:55 p.m.99 views

Exploit for CVE-2025-52399

CVE-2025-52399 - SQL Injection in Institute of Current Student...

8.9AI score
Exploits0
OSV
OSV
added 2025/07/25 1:15 p.m.4 views

CVE-2025-51411

A reflected cross-site scripting XSS vulnerability exists in Institute-of-Current-Students v1.0 via the email parameter in the /postquerypublic endpoint. The application fails to properly sanitize user input before reflecting it in the HTML response. This allows unauthenticated attackers to injec...

6.1CVSS5.9AI score0.00322EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/07/25 12:0 a.m.4 views

Institute-of-Current-Students 安全漏洞

Institute-of-Current-Students is a school management website by the individual developer Vishal Mathur. A security vulnerability exists in version 1.0 of Institute-of-Current-Students, which stems from improper email parameter cleanup and could lead to reflective cross-site scripting...

6.1CVSS6.2AI score0.00322EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/07/25 12:0 a.m.3 views

CVE-2025-51411

A reflected cross-site scripting XSS vulnerability exists in Institute-of-Current-Students v1.0 via the email parameter in the /postquerypublic endpoint. The application fails to properly sanitize user input before reflecting it in the HTML response. This allows unauthenticated attackers to injec...

6AI score0.00322EPSS
Exploits2References1
CVE
CVE
added 2025/07/25 12:0 a.m.20 views

CVE-2025-51411

CVE-2025-51411 affects Institute-of-Current-Students v1.0, with a reflected XSS vulnerability in the /postquerypublic endpoint via the email parameter. The root cause is insufficient sanitization of user input, allowing an attacker-controlled string to be reflected in HTML and execute arbitrary J...

6.1CVSS6AI score0.00322EPSS
Exploits2References1Affected Software1
CNVD
CNVD
added 2025/07/04 12:0 a.m.6 views

Student Record System manage-students.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter del in the file /manage-students.php. An attacker can exploit this vulnerability to...

8.8CVSS7.1AI score0.00318EPSS
Exploits1References1
OSV
OSV
added 2025/06/22 12:15 p.m.6 views

CVE-2025-6475

A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /script/admin/managestudents of the component Manage Students Module. The manipulation leads to cross site scripting. The attack m...

4.8CVSS3.6AI score0.0025EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/06/22 12:0 p.m.20 views

CVE-2025-6475 SourceCodester Student Result Management System Manage Students Module manage_students cross site scripting

A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /script/admin/managestudents of the component Manage Students Module. The manipulation leads to cross site scripting. The attack m...

4.8CVSS0.0025EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/06/22 12:0 p.m.5 views

CVE-2025-6475 SourceCodester Student Result Management System Manage Students Module manage_students cross site scripting

A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /script/admin/managestudents of the component Manage Students Module. The manipulation leads to cross site scripting. The attack m...

4.8CVSS3.4AI score0.0025EPSS
Exploits0References5
CVE
CVE
added 2025/06/22 12:0 p.m.25 views

CVE-2025-6475

CVE-2025-6475 affects SourceCodester Student Result Management System 1.0, specifically the Manage Students Module and the file path /script/admin/manage_students. The vulnerability is a cross-site scripting flaw arising from handling input in that file, exploitable remotely with public disclosur...

4.8CVSS6.5AI score0.0025EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder