Lucene search
K
Oretnom23Student Grading System

11 matches found

CVE
CVE
added 2022/04/05 7:3 p.m.75 views

CVE-2022-27304

The CVE-2022-27304 entry applies to Student Grading System v1.0 and describes a SQL injection vulnerability in the user parameter. The vulnerability is confirmed across multiple connected sources (e.g., NVD, Red Hat and CVE registries) and is documented as a SQLi issue with the affected product. ...

9.8CVSS9.7AI score0.01255EPSS
CVE
CVE
added 2022/04/21 7:5 p.m.71 views

CVE-2022-28024

The CVE-2022-28024 entry affects Student Grading System v1.0, with a SQL injection in the web parameter rms.php?page=grade. Root cause: unsanitized input leading to SQLi. Impact (per sources): confidentiality, integrity, and availability are all at risk (P/H). CVSS vectors indicate high/critical ...

9.8CVSS9.7AI score0.01364EPSS
Web
CVE
CVE
added 2022/04/21 7:5 p.m.67 views

CVE-2022-28025

The CVE-2022-28025 entry applies to Student Grading System v1.0 , with a SQL injection vulnerability exploitable via the parameter in /student-grading-system/rms.php?page=school_year. The public record consistently identifies the flaw as an input handling issue that allows SQL commands to be inje...

9.8CVSS9.7AI score0.01364EPSS
Web
CVE
CVE
added 2022/04/21 7:5 p.m.65 views

CVE-2022-28026

The CVE-2022-28026 entry describes a SQL injection in Student Grading System v1.0, exploitable via /student-grading-system/rms.php?page=student_p&id=. The issue is caused by unsanitized user input in the parameter, enabling unauthorized SQL commands and potential data exposure. CVSS details from ...

9.8CVSS9.7AI score0.01364EPSS
Web
CVE
CVE
added 2025/09/14 7:32 p.m.24 views

CVE-2025-10407

CVE-2025-10407 affects SourceCodester Student Grading System 1.0. The vulnerability is a SQL injection in the file /view_user.php caused by manipulation of the ID parameter, enabling remote exploitation. Public exploits exist. Impact/mitigation details in connected docs indicate no formal patch/v...

8.8CVSS6.5AI score0.00309EPSS
CVE
CVE
added 2025/09/15 12:32 a.m.22 views

CVE-2025-10418

CVE-2025-10418 affects SourceCodester Student Grading System 1.0. The vulnerability lies in /view_students.php where manipulation of the ID parameter causes SQL injection. Exploitation can be performed remotely and publicly available exploit code exists. Impact is high for confidentiality, integr...

8.8CVSS6.4AI score0.00351EPSS
CVE
CVE
added 2025/09/15 2:2 a.m.18 views

CVE-2025-10421

The CVE-2025-10421 entry concerns SourceCodester Student Grading System 1.0. Affected component: the file /update_account.php. Root cause: manipulation of the ID parameter enables SQL injection, with remote exploitation possible and an exploit published. Impact is consistent with the vulnerabilit...

8.8CVSS6.9AI score0.00351EPSS
CVE
CVE
added 2025/09/14 8:2 p.m.17 views

CVE-2025-10408

SourceCodester Student Grading System 1.0 has a SQL injection in /edit_user.php triggered by manipulating the ID parameter. The issue is exploitable remotely and an exploit is publicly available. Multiple feeds corroborate this vulnerability; remediation guidance in related advisories suggests sa...

8.8CVSS6.7AI score0.00309EPSS
CVE
CVE
added 2025/09/14 8:32 p.m.17 views

CVE-2025-10409

CVE-2025-10409 concerns a SQL injection vulnerability in SourceCodester Student Grading System 1.0, arising from manipulation of the fname parameter in /rms.php?page=users. The flaw allows remote attackers to execute arbitrary SQL; exploitation is public and the attack surface includes the affect...

8.8CVSS6.4AI score0.00309EPSS
CVE
CVE
added 2025/09/15 1:32 a.m.16 views

CVE-2025-10420

CVE-2025-10420 affects SourceCodester Student Grading System 1.0; the vulnerability stems from manipulation of the ID parameter in /form137.php, enabling SQL injection. The issue is remote and publicly exploit, as reported across multiple sources. Root cause: unsafely constructed SQL queries usin...

8.8CVSS6.5AI score0.00351EPSS
CVE
CVE
added 2025/09/15 1:2 a.m.15 views

CVE-2025-10419

The CVE-2025-10419 entry concerns SourceCodester Student Grading System 1.0, with a SQL injection in the /del_promote.php endpoint (and variants like /del promote.php). Multiple connected sources confirm remote exploitation and publicly disclosed exploit. The vulnerability stems from how the sy p...

8.8CVSS6.5AI score0.00351EPSS