3 matches found
CVE-2020-36084
CVE-2020-36084 describes a SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0, where an attacker can inject SQL via the id parameter in /elearning/delete_teacher_students.php?id=. The CVSS metrics indicate a critical risk (CVSS v3.1: 9.8, Network attack vector, no priv...
CVE-2025-5213
CVE-2025-5213 affects projectworlds Responsive E-Learning System 1.0. The vulnerability is an SQL injection in an unknown functionality of the file /admin/delete_file.php caused by improper handling of the ID argument. It can be exploited remotely and the exploit has been disclosed publicly. Impa...
CVE-2025-10687
The CVE-2025-10687 affects SourceCodester Responsive E-Learning System 1.0, specifically the /admin/add_teacher.php file where manipulating the Username parameter triggers a SQL injection. A remote attacker could exploit this after publicly disclosed exploit availability. Multiple connected sourc...