Lucene search
+L
FabianStudent Information System

8 matches found

CVE
CVE
added 2025/11/16 7:2 a.m.22 views

CVE-2025-13241

The CVE concerns code-projects Student Information System 2.0, where the vulnerability resides in the /index.php file. The Username parameter can be manipulated to achieve SQL injection, allowing remote execution. The issue is supported by multiple sources (NVD, Red Hat, CNVD, CNNVD, EUVD, VulnDB...

9.8CVSS6.8AI score0.00425EPSS
CVE
CVE
added 2025/11/16 8:32 a.m.22 views

CVE-2025-13244

The CVE-2025-13244 entry concerns code-projects Student Information System 2.0. The vulnerability is a cross-site scripting flaw in the /register.php file, affecting an unspecified function; the issue enables remote exploitation and has publicly disclosed exploit information. Multiple connected s...

6.1CVSS4.1AI score0.00351EPSS
CVE
CVE
added 2025/12/24 1:32 a.m.22 views

CVE-2025-15052

CVE-2025-15052 affects code-projects Student Information System 1.0. The vulnerability resides in the file /profile.php, where manipulation of the firstname/lastname parameters enables cross-site scripting. This can be exploited remotely and there are public exploits. Multiple connected sources (...

5.4CVSS5.6AI score0.00215EPSS
Web
CVE
CVE
added 2025/11/16 6:32 a.m.21 views

CVE-2025-13240

Code-Projects Student Information System 2.0 is affected by an SQL injection in /searchquery.php via the s parameter. Multiple connected sources confirm remote exploitation is possible and that exploits are public. Specifics: vulnerability originates from unsanitized input in s, enabling SQL comm...

9.8CVSS7.2AI score0.00425EPSS
CVE
CVE
added 2025/12/24 2:2 a.m.17 views

CVE-2025-15053

CVE-2025-15053 affects code-projects Student Information System 1.0. The flaw is a SQL injection in the /searchresults.php processing of the searchbox parameter, exploitable remotely. Multiple sources confirm an exploit has been published. No concrete remediation/version fix is provided in the su...

7.5CVSS6.5AI score0.00327EPSS
CVE
CVE
added 2025/11/16 8:2 a.m.16 views

CVE-2025-13243

CVE-2025-13243 affects code-projects Student Information System 2.0. The vulnerable component is the /editprofile.php file, in an unknown function, where input is not properly filtered, leading to a SQL injection. The vulnerability is exploitable remotely, and the exploit has been publicly releas...

8.8CVSS6.5AI score0.00343EPSS
CVE
CVE
added 2025/11/16 7:32 a.m.15 views

CVE-2025-13242

CVE-2025-13242 affects code-projects Student Information System 2.0. The vulnerability is in the /register.php handler, where improper handling of user input enables SQL injection. It is exploitable remotely and, according to sources, the exploit has been disclosed publicly. Root cause is input h...

9.8CVSS6.8AI score0.00425EPSS
CVE
CVE
added 2025/11/16 9:2 a.m.14 views

CVE-2025-13245

CVE-2025-13245 affects code-projects Student Information System 2.0. The vulnerability lies in an unspecified function within /editprofile.php that mishandles input, enabling cross-site scripting. Exploitation can be performed remotely, and publicly available exploits exist. Several connected sou...

5.4CVSS3.9AI score0.00253EPSS