7 matches found
CVE-2025-11115
CVE-2025-11115 affects Code-Projects Simple Scheduling System 1.0, with the flaw located in addtime.php where manipulating starttime/endtime triggers SQL injection. Remote exploitation is possible and public exploits have been disclosed. Multiple sources (NVD/NVDC/CNVD/Red Hat feed) corroborate t...
CVE-2025-11105
CVE-2025-11105 affects code-projects Simple Scheduling System 1.0. The vulnerability is in the /schedulingsystem/addsubject.php file, where manipulation of the subcode parameter allows SQL injection. Remote exploitation is possible, and an exploit has been published. Multiple sources cite this as...
CVE-2025-11108
CVE-2025-11108 affects code-projects’ Simple Scheduling System 1.0. The vulnerability is in the file /schedulingsystem/addroom.php where manipulation of the room parameter enables SQL injection. It can be exploited remotely over the network, and exploits have been publicly disclosed. Impact is de...
CVE-2025-11106
The CVE-2025-11106 entry concerns Simple Scheduling System v1.0. Affected component: /schedulingsystem/addfaculty.php, where manipulation of the falname parameter enables SQL injection. Exploitation is described as remote, with public disclosure of the exploit noted in multiple sources. The conne...
CVE-2025-11107
The CVE-2025-11107 vulnerability affects code-projects Simple Scheduling System 1.0. An SQL injection exists in the addcourse.php handling of the corcode parameter, allowing remote exploitation. The exploit is public and could be used against exposed instances. Documents describe this as a remote...
CVE-2025-11116
The CVE-2025-11116 entry concerns code-projects Simple Scheduling System 1.0. A flaw exists in /add.home.php where manipulating the faculty parameter enables SQL injection, with remote exploitation and publicly available exploit details. Several connected sources corroborate a SQL injection impac...
CVE-2025-60304
The CVE-2025-60304 entry concerns Code-Projects Simple Scheduling System 1.0 and an XSS vulnerability in the Subject Description field. The PT-2025-41444 advisory provides concrete details: vulnerable component is the Simple Scheduling System (version 1.0); the issue enables Cross-Site Scripting ...