5 matches found
CVE-2023-41506
CVE-2023-41506 affects the Student Enrollment In PHP software (v1.0). The vulnerability is an arbitrary file upload in the Update/Edit Student’s Profile Picture function, enabling code execution by uploading a crafted PHP file. Public sources describe it as a critical issue (CVSS v3.1: 9.8, high ...
CVE-2023-41503
CVE-2023-41503 affects the open-source “Student Enrollment In PHP v1.0.” The vulnerability is a SQL injection in the Login function, caused by unsafe SQL handling in the authentication flow. It is rated CVSS v3.1 base score 9.8 (CRITICAL) with Network attack vector, no privileges required, no use...
CVE-2023-41504
CVE-2023-41504 affects the open‑source project Student Enrollment In PHP version 1.0. The vulnerability is a SQL injection in the Student Search function, enabling an attacker to execute arbitrary code. Root cause: unsafe handling of user input in SQL queries. Impact: high (arbitrary code executi...
CVE-2023-41505
CVE-2023-41505 affects Student Enrollment In PHP v1.0’s Add Student’s Profile Picture function. Root cause: arbitrary file upload of a crafted PHP payload enabling remote code execution. Impact is described as high confidentiality, integrity, and availability concerns. Exploitation context provid...
CVE-2025-7191
CVE-2025-7191 affects code-projects Student Enrollment System 1.0. The vulnerability is a SQL injection in the /login.php file caused by manipulating the Username parameter. Attack is network-based and can be exploited remotely; exploitation has been disclosed publicly. Several connected sources ...