Dino Physics School Assistant Security Vulnerabilities and Issues — Dino Physics School Assistant CVE List

Lucene search

Dino Physics School Assistant ProjectDino Physics School Assistant

12 matches found

CVE•added 2024/05/30 5:15 p.m.•96 views

CVE-2024-35350

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/view_borrow. Manipulating the argument id can result in SQL injection.

9.8CVSS8.1AI score0.0014EPSS

Web

CVE•added 2024/05/30 5:15 p.m.•88 views

CVE-2024-35349

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/view_category.php. Manipulating the argument id can result in SQL injection.

9.8CVSS8.1AI score0.00487EPSS

Web

CVE•added 2024/05/30 5:15 p.m.•85 views

CVE-2024-35351

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=update_settings. Manipulating the parameter name results in cross-site scripting.

5.4CVSS6.7AI score0.00242EPSS

Web

CVE•added 2024/05/30 5:15 p.m.•76 views

CVE-2024-35353

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the argument id can result in improper authorization.

9.8CVSS7.1AI score0.00369EPSS

Web

CVE•added 2024/05/30 5:15 p.m.•73 views

CVE-2024-35359

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=view_item. Manipulating the argument id can result in SQL injection.

9.8CVSS8.1AI score0.00116EPSS

Web

CVE•added 2024/05/30 4:15 p.m.•69 views

CVE-2024-35357

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=delete_item. Manipulating the argument id can result in SQL injection.

5.3CVSS8.5AI score0.00119EPSS

Web

CVE•added 2024/05/30 5:15 p.m.•66 views

CVE-2024-35352

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting.

6.1CVSS6.7AI score0.00389EPSS

Web

CVE•added 2024/05/30 4:15 p.m.•62 views

CVE-2024-35356

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_item. Manipulating the argument id can result in SQL injection.

6.3CVSS8.5AI score0.00177EPSS

Web

CVE•added 2024/05/30 4:15 p.m.•46 views

CVE-2024-35345

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts unidentified code within the file /classes/Users.php. Manipulating the argument id results in cross-site scripting.

5.4CVSS7AI score0.00286EPSS

Web

CVE•added 2024/05/30 4:15 p.m.•45 views

CVE-2024-35358

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=view_category. Manipulating the argument id can result in SQL injection.

6.5CVSS8.5AI score0.00089EPSS

Web

CVE•added 2024/05/30 4:15 p.m.•42 views

CVE-2024-35355

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=delete_category. Manipulating the argument id can result in SQL injection.

9.8CVSS8.5AI score0.00287EPSS

Web

CVE•added 2024/05/30 4:15 p.m.•40 views

CVE-2024-35354

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_category. Manipulating the argument id can result in SQL injection.

9.8CVSS8.5AI score0.00287EPSS

Web