10 matches found
CVE-2024-5381
CVE-2024-5381 affects itsourcecode Student Information Management System 1.0. The vulnerability exists in the file view.php via manipulation of the studentId parameter, causing SQL injection. Exploitation can be remote, and multiple sources report that the exploit has been disclosed publicly. Con...
CVE-2025-10113
CVE-2025-10113 affects itsourcecode Student Information Management System 1.0. The vulnerability is a SQL injection in /admin/modules/room/index.php caused by manipulation of the ID argument. Remote exploitation is possible, and the exploit has been publicly disclosed. Some sources note a workaro...
CVE-2025-9838
CVE-2025-9838 affects itsourcecode Student Information Management System 1.0. The vulnerability is an SQL injection in the unknown function of the file /admin/modules/subject/index.php caused by manipulation of the ID parameter. The issue can be exploited remotely and there are public exploit mat...
CVE-2025-10062
The CVE-2025-10062 entry affects itsourcecode Student Information Management System version 1.0. The vulnerability resides in the /admin/login.php file, where manipulating the uname parameter can lead to SQL injection. The issue is exploitable remotely and publicly disclosed. Multiple connected s...
CVE-2025-10111
CVE-2025-10111 affects itsourcecode Student Information Management System 1.0. The vulnerable component is the file /admin/modules/instructor/index.php, where manipulation of the ID parameter enables SQL injection. The flaw is exploitable remotely and public exploits exist. Mitigation/workaround ...
CVE-2025-10112
CVE-2025-10112 affects itsourcecode Student Information Management System 1.0. The vulnerability is a SQL injection in the file /admin/modules/department/index.php caused by manipulation of the ID parameter in an unknown function. The issue is exploitable remotely and, according to multiple sourc...
CVE-2025-9839
The CVE-2025-9839 issue affects itsourcecode Student Information Management System 1.0. Affected component/file: /admin/modules/course/index.php, where manipulating the ID argument leads to an SQL injection. Remote exploitation is possible, and public exploits are reported. Multiple connected sou...
CVE-2025-9837
CVE-2025-9837 affects itsourcecode Student Information Management System 1.0. The vulnerability arises from SQL injection in the file /admin/modules/student/index.php via the studentId parameter. Attacks can be initiated remotely, and the exploit has been publicly disclosed. For mitigation, sever...
CVE-2025-10673
The CVE-2025-10673 entry concerns itsourcecode Student Information Management System 1.0. The vulnerability is a SQL injection in an unknown function of /admin/modules/class/index.php caused by manipulating the classId argument. Remote initiation is possible, and the exploit has been publicly dis...
CVE-2025-9595
The CVE-2025-9595 entry concerns code-projects Student Information Management System v1.0. The vulnerability is a cross-site scripting flaw in an unknown function of /login.php triggered by manipulation of the uname argument. It is exploitable remotely and an exploit has been publicly released. T...