5 matches found
CVE-2024-10764
Codezips Online Institute Management System 1.0 contains a critical vulnerability in /pages/save_user.php where manipulating the image parameter enables unrestricted file upload. The issue is remotely exploitable and has been publicly disclosed. Reported details consistently identify the vulnerab...
CVE-2024-10509
CVE-2024-10509 affects Codezips Online Institute Management System 1.0. The issue is a SQL injection triggered by manipulating the email parameter in /login.php, allowing remote exploitation. Multiple sources corroborate that the vulnerability is critical with public exploit availability and no a...
CVE-2024-10765
Codezips Online Institute Management System (up to 1.0) has a vulnerability in /profile.php where manipulating the old_image parameter enables unrestricted upload. This remote vector is documented across multiple sources (NVD, Red Hat, CVE lists) and is described as a critical issue; exploitation...
CVE-2024-10994
The CVE-2024-10994 entry refers to Codezips Online Institute Management System 1.0. Affected is the /edit_user.php functionality where manipulating the image parameter enables unrestricted file upload. This remote attack is publicly disclosed and can lead to high-impact outcomes (as reflected in ...
CVE-2024-10993
Codezips Online Institute Management System 1.0 is affected by CVE-2024-10993 due to an issue in the website_image parameter of /manage_website.php, which allows unrestricted upload. The vulnerability enables remote exploitation and the exploit has been disclosed publicly. Technical details acros...