Lucene search
K

383 matches found

CNNVD
CNNVD
added 2026/01/08 12:0 a.m.3 views

Code-Projects Intern Membership Management System SQL注入漏洞

Code-Projects Intern Membership Management System is a Code-Projects open source intern membership management system . Code-Projects Intern Membership Management System version 1.0 has a SQL injection vulnerability , the vulnerability stems from the wrong operation of the parameter adminid in the...

7.2CVSS5.7AI score0.00369EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.13 views

PT-2026-1972

Name of the Vulnerable Software and Affected Versions code-projects Intern Membership Management System version 1.0 Description A security issue exists in code-projects Intern Membership Management System version 1.0. The issue involves the manipulation of the admin id argument within an unknown...

7.2CVSS4.9AI score0.00369EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.16 views

PT-2026-1983

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Course Registration System versions prior to 3.1 Description A flaw exists in PHPGurukul Online Course Registration System that allows for SQL injection. The issue is located in the file...

6.5CVSS6.5AI score0.00357EPSS
Exploits1References13
Packet Storm News
Packet Storm News
added 2026/01/02 12:0 a.m.9 views

PDPL Metric: Validating a Scale to Measure Personal Data Privacy Literacy among University Students

Personal data privacy literacy PDPL refers to a collection of digital literacy skills related to an individuals ability to understand, evaluate, and manage the collection, use, and protection of personal data in online and digital environments. This study introduces and validates a new psychometr...

6.8AI score
Exploits0
NVD
NVD
added 2025/12/04 4:16 p.m.12 views

CVE-2025-61148

An Insecure Direct Object Reference IDOR vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'recno' parameter in the /student/get-receipt endpoint...

6.5CVSS0.00302EPSS
Exploits3References3
Vulnrichment
Vulnrichment
added 2025/12/01 10:40 a.m.10 views

CVE-2025-41070 Reflected Cross-site Scripting (XSS) in Sanoma's Clickedu

Reflected Cross-site Scripting XSS vulnerability in Sanoma's Clickedu. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL in '/students/carpetesvaries.php'. This vulnerability can be exploited to steal sensitive user data, such...

4.8CVSS5.9AI score0.00253EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/20 12:0 a.m.4 views

Student Record System manage-students.php Component Cross-Site Request Forgery Vulnerability

Student Record System is a software application. Student Record System suffers from a cross-site request forgery vulnerability that stems from the manage-students.php component not adequately verifying that a request is from a trusted user, which could be exploited by an attacker to cause...

7.5CVSS6.8AI score0.00204EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/11/19 12:11 a.m.19 views

CVE-2025-63955

A Cross-Site Request Forgery CSRF vulnerability in the manage-students.php component of PHPGurukul Student Record System v3.2 allows an attacker to trick an authenticated administrator into submitting a forged request. This leads to the unauthorized deletion of user accounts, causing a Denial of...

7.5CVSS6.6AI score0.00204EPSS
Exploits2References1
EUVD
EUVD
added 2025/11/18 9:32 p.m.7 views

EUVD-2025-198075

A Cross-Site Request Forgery CSRF vulnerability in the manage-students.php component of PHPGurukul Student Record System v3.2 allows an attacker to trick an authenticated administrator into submitting a forged request. This leads to the unauthorized deletion of user accounts, causing a Denial of...

7.5CVSS6.1AI score0.00204EPSS
Exploits2References3
NVD
NVD
added 2025/11/18 7:15 p.m.3 views

CVE-2025-63955

A Cross-Site Request Forgery CSRF vulnerability in the manage-students.php component of PHPGurukul Student Record System v3.2 allows an attacker to trick an authenticated administrator into submitting a forged request. This leads to the unauthorized deletion of user accounts, causing a Denial of...

7.5CVSS0.00204EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.13 views

PT-2025-47385

Name of the Vulnerable Software and Affected Versions PHPGurukul Student Record System version 3.2 Description A Cross-Site Request Forgery CSRF issue exists in the manage-students.php component. An attacker can trick an authenticated administrator into submitting a forged request, leading to the...

7.5CVSS6.4AI score0.00204EPSS
Exploits2References4
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.8 views

PHPGurukul Student Record System 安全漏洞

Student Record System is a software application. Student Record System suffers from a cross-site request forgery vulnerability that stems from the manage-students.php component not adequately verifying that a request is from a trusted user, which could be exploited by an attacker to cause...

7.5CVSS6.4AI score0.00204EPSS
Exploits2References3
GithubExploit
GithubExploit
added 2025/11/15 3:25 p.m.145 views

Exploit for CVE-2025-63955

CVE-2025-63955 – Cross-Site Request Forgery CSRF leading t...

7.5CVSS6.6AI score0.00204EPSS
Exploits2
Packet Storm News
Packet Storm News
added 2025/11/15 12:0 a.m.21 views

BackWeak: Backdooring Knowledge Distillation Simply with Weak Triggers and Fine-Tuning

Knowledge Distillation KD is essential for compressing large models, yet relying on pre-trained "teacher" models downloaded from third-party repositories introduces serious security risks -- most notably backdoor attacks. Existing KD backdoor methods are typically complex and computationally...

6.7AI score
Exploits0
CVE
CVE
added 2025/11/12 10:25 p.m.14 views

CVE-2025-64705

Frappe Learning version range 2.0.0–2.40.9 suffers an information-disclosure vulnerability where users could view submissions from other students due to improper access control and direct URL access. The issue is fixed in version 2.41.0 by enforcing proper roles and redirecting direct URL access....

5.3CVSS6.4AI score0.00191EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/11/12 10:25 p.m.5 views

CVE-2025-64705 Frappe user was able to access the submission of other students

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, users were able to access the submissions made by other students The issue has been fixed in version 2.41.0 by ensuring proper roles and redirecting if accessed vi...

5.3CVSS6.8AI score0.00191EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/25 5:31 a.m.7 views

EUVD-2025-35911

The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.8.3 due to missing validation on a user controlled key when viewing and editing assignments through the tutorassignmentsubmit...

5.4CVSS5.1AI score0.00161EPSS
Exploits0References3
CNVD
CNVD
added 2025/10/13 12:0 a.m.4 views

Online Course Registration /admin/manage-students.php File SQL Injection Vulnerability

Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /admin/manage-students.php. An attacker can...

9.8CVSS8.2AI score0.00384EPSS
Exploits1References1
OSV
OSV
added 2025/10/06 9:15 a.m.4 views

CVE-2025-11329

A flaw has been found in code-projects Online Course Registration 1.0. Impacted is an unknown function of the file /admin/manage-students.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

9.8CVSS5.7AI score
Exploits0References5
NVD
NVD
added 2025/10/06 9:15 a.m.5 views

CVE-2025-11329

A flaw has been found in code-projects Online Course Registration 1.0. Impacted is an unknown function of the file /admin/manage-students.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

9.8CVSS0.00384EPSS
Exploits1References5
Rows per page
Query Builder