CVE-2024-44639

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the add-subject.php parameters sub1, sub2, sub3, sub4, and course-short. The underlying issue is unsanitized/externally supplied SQL statements in those parameters, enabling an attacker to manipulate queries and access or mo...

EUVD-2006-3051

Malware in sbrugna...

Student Record System add-subject.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in parameter sub1 in file /add-subject.php. An attacker can exploit this vulnerability to execute...

CVE-2025-4108 PHPGurukul Student Record System add-subject.php sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul Student Record System 3.20. Affected is an unknown function of the file /add-subject.php. The manipulation of the argument sub1 leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

School-Management-System Cross-Site Scripting Vulnerability

School-Management-System is a school management system by the individual developer Lahiru Danushka. A cross-site scripting vulnerability exists in School-Management-System, which stems from a cross-site scripting vulnerability in the Sybillus parameter of the /subject.php file...

CVE-2024-6278

CVE-2024-6278 affects lahirudanushka School Management System (versions 1.0.0–1.0.1). The vulnerability exists in Subject Page’s subject.php, where manipulating the update parameter leads to SQL injection. Exploitation can be performed remotely, and the vulnerability has been publicly disclosed. ...

PT-2024-32432 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A problematic issue has been found in the system, affecting some unknown functionality of the file /model/update subject.php. The manipulation of the name argument...

Student Record System edit-subject.php file SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameters sub1/sub2/sub3/sub4/udate in the file /edit-subject.php. An attacker can exploit thi...

CVE-2024-3771 PHPGurukul Student Record System edit-subject.php sql injection

A vulnerability was found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this issue is some unknown functionality of the file /edit-subject.php. The manipulation of the argument sub1/sub2/sub3/sub4/udate leads to sql injection. The attack may be launched remotely...

CVE-2006-3054

Multiple SQL injection vulnerabilities in VBZooM 1.11 allow remote attackers to execute arbitrary SQL commands via the 1 sobjectID or 2 MAINID parameters to a show.php or 3 MainID parameter to b subject.php...

VBZooM <<--V1.11 "subject.php" SQL injection

============================================= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Breeeeh-BoNym-Rootshill-LiNuXrOOt-SauDiVirUs ============================================= Example:- /subject.php?MainID=SQL...