Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

College Management System Project Security Vulnerabilities

cve
cve

CVE-2020-25408

A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote attacker to modify, delete, or make a new entry of the student, faculty, teacher, subject, scores, location, and article data.

6.5CVSS

6.5AI Score

0.001EPSS

2021-05-24 01:15 PM
18
cve
cve

CVE-2020-25409

Projectsworlds College Management System Php 1.0 is vulnerable to SQL injection issues over multiple parameters.

9.8CVSS

9.8AI Score

0.002EPSS

2021-05-24 01:15 PM
17
cve
cve

CVE-2020-26051

College Management System Php 1.0 suffers from SQL injection vulnerabilities in the index.php page from POST parameters 'unametxt' and 'pwdtxt', which are not filtered before passing a SQL query.

9.8CVSS

9.8AI Score

0.003EPSS

2021-02-08 02:15 PM
19
cve
cve

CVE-2022-28079

College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter.

8.8CVSS

8.8AI Score

0.642EPSS

2022-05-05 05:15 PM
61
cve
cve

CVE-2022-30404

College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=.

7.2CVSS

7.3AI Score

0.001EPSS

2022-05-13 03:15 PM
49
2
cve
cve

CVE-2022-32420

College Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /College/admin/teacher.php. This vulnerability is exploited via a crafted PHP file.

8.8CVSS

8.9AI Score

0.006EPSS

2022-07-01 09:15 PM
36
6
cve
cve

CVE-2022-39179

College Management System v1.0 - Authenticated remote code execution.An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload.php file that contains malicious code via student.php file.

7.2CVSS

7.7AI Score

0.001EPSS

2022-11-17 11:15 PM
32
5
cve
cve

CVE-2022-39180

College Management System v1.0 - SQL Injection (SQLi).By inserting SQL commands to the username and password fields in the login.php page

9.8CVSS

10AI Score

0.001EPSS

2022-11-17 11:15 PM
33
4
cve
cve

CVE-2024-5370

A vulnerability was found in Kashipara College Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file submit_enroll_staff.php. The manipulation of the argument class_name leads to cross site scripting. The attack may be launched rem...

3.5CVSS

6.2AI Score

0.0004EPSS

2024-05-26 06:15 PM
35
cve
cve

CVE-2024-7681

A vulnerability was found in code-projects College Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component Login Page. The manipulation of the argument email/password leads to sql injection. The attack can be initiated ...

9.8CVSS

7.5AI Score

0.001EPSS

2024-08-12 01:38 PM
38