2 matches found
CVE-2025-14536
CVE-2025-14536 concerns Code-Projects Class and Exam Timetable Management 1.0. Affected component: the Login handler in /index.php where the parameters username and/or password can be manipulated to trigger a SQL injection . Reports from CNVD/CNNVD/Red Hat/NVD allege a remote, unauthenticated att...
CVE-2025-14537
Concrete details from connected documents show a SQL injection vulnerability in code-projects Class and Exam Timetable Management 1.0, specifically in the /preview7.php file where the parameter course_year_section/semester is not validated. This allows remote exploitation and may enable retrieval...