Lucene search
K
FabianSimple Scheduling System

7 matches found

CVE
CVE
added 2025/09/28 6:32 p.m.32 views

CVE-2025-11115

CVE-2025-11115 affects Code-Projects Simple Scheduling System 1.0, with the flaw located in addtime.php where manipulating starttime/endtime triggers SQL injection. Remote exploitation is possible and public exploits have been disclosed. Multiple sources (NVD/NVDC/CNVD/Red Hat feed) corroborate t...

9.8CVSS6.6AI score0.00441EPSS
Web
CVE
CVE
added 2025/09/28 1:2 p.m.18 views

CVE-2025-11105

CVE-2025-11105 affects code-projects Simple Scheduling System 1.0. The vulnerability is in the /schedulingsystem/addsubject.php file, where manipulation of the subcode parameter allows SQL injection. Remote exploitation is possible, and an exploit has been published. Multiple sources cite this as...

9.8CVSS7AI score0.00384EPSS
Web
CVE
CVE
added 2025/09/28 3:2 p.m.17 views

CVE-2025-11108

CVE-2025-11108 affects code-projects’ Simple Scheduling System 1.0. The vulnerability is in the file /schedulingsystem/addroom.php where manipulation of the room parameter enables SQL injection. It can be exploited remotely over the network, and exploits have been publicly disclosed. Impact is de...

9.8CVSS6.6AI score0.00384EPSS
Web
CVE
CVE
added 2025/09/28 2:2 p.m.16 views

CVE-2025-11106

The CVE-2025-11106 entry concerns Simple Scheduling System v1.0. Affected component: /schedulingsystem/addfaculty.php, where manipulation of the falname parameter enables SQL injection. Exploitation is described as remote, with public disclosure of the exploit noted in multiple sources. The conne...

9.8CVSS7AI score0.00384EPSS
Web
CVE
CVE
added 2025/09/28 2:32 p.m.15 views

CVE-2025-11107

The CVE-2025-11107 vulnerability affects code-projects Simple Scheduling System 1.0. An SQL injection exists in the addcourse.php handling of the corcode parameter, allowing remote exploitation. The exploit is public and could be used against exposed instances. Documents describe this as a remote...

9.8CVSS7.2AI score0.00384EPSS
Web
CVE
CVE
added 2025/09/28 7:2 p.m.15 views

CVE-2025-11116

The CVE-2025-11116 entry concerns code-projects Simple Scheduling System 1.0. A flaw exists in /add.home.php where manipulating the faculty parameter enables SQL injection, with remote exploitation and publicly available exploit details. Several connected sources corroborate a SQL injection impac...

9.8CVSS6.8AI score0.00441EPSS
CVE
CVE
added 2025/10/09 12:0 a.m.15 views

CVE-2025-60304

The CVE-2025-60304 entry concerns Code-Projects Simple Scheduling System 1.0 and an XSS vulnerability in the Subject Description field. The PT-2025-41444 advisory provides concrete details: vulnerable component is the Simple Scheduling System (version 1.0); the issue enables Cross-Site Scripting ...

6.1CVSS5.8AI score0.00213EPSS