CVE-2025-14644

A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /updatesubject.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclos...

itsourcecode Student Management System SQL注入漏洞

itsourcecode Student Management System is an open source student management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from incorrect manipulation of the parameter ID in the file /updatesubject.php, which...

CVE-2024-4714 Campcodes Complete Web-Based School Management System update_subject.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes Complete Web-Based School Management System 1.0. Affected by this issue is some unknown functionality of the file /model/updatesubject.php. The manipulation of the argument name leads to cross site scripting. The...

CVE-2022-34594

CVE-2022-34594 affects Advanced School Management System v1.0. The vulnerability is a cross-site scripting (XSS) flaw exploitable via the component ip/school/moudel/update_subject.php, where a crafted payload in the Edit Subject field can cause arbitrary web scripts/HTML to execute. The NVD entry...