CVE-2022-24231

The CVE-2022-24231 entry concerns Simple Student Information System v1.0, which is vulnerable to SQL injection via the add/Student path. The vulnerability is documented with a high-severity impact (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; base score 9.8) affecting confidentiality, integrit...

CVE-2023-5929

CVE-2023-5929 affects Campcodes Simple Student Information System 1.0. The vulnerability resides in an unknown part of /admin/students/manage_academic.php where manipulating the id parameter leads to SQL injection. The vulnerability is publicly disclosed and has been assigned VDB-244329; multiple...

CVE-2023-5925

CVE-2023-5925 affects Campcodes Simple Student Information System 1.0. The root cause is a vulnerability in the file /classes/Master.php where the argument f can be manipulated, leading to SQL injection. Public exploitation is indicated, and multiple sources corroborate a critical severity with i...

CVE-2023-5928

The CVE-2023-5928 entry concerns Campcodes Simple Student Information System 1.0. The vulnerability is a SQL injection in the file /admin/departments/manage_department.php caused by manipulating the id parameter. The issue has been publicly disclosed, and exploitation is possible according to sou...

CVE-2023-5930

CVE-2023-5930 refers to a cross-site scripting vulnerability in Campcodes Simple Student Information System 1.0. The issue affects unknown code in the file /admin/students/manage_academic.php, where manipulating the argument student_id can trigger XSS. The vulnerability is remote and the exploit ...

CVE-2023-5924

The CVE-2023-5924 entry refers to Campcodes Simple Student Information System 1.0 with a SQL injection in /admin/courses/view_course.php via the id parameter. Public exploit details exist. CVSSv3.1 base score 7.5 (HIGH) with Network attack, no user interaction, and HIGH confidentiality impact but...

CVE-2023-5923

CVE-2023-5923 — Campcodes Simple Student Information System 1.0 is affected by a SQL injection in an unknown part of /admin/index.php, triggered by manipulating the id parameter. The vuln is described as critical and is accompanied by public disclosure of exploits. The available connected sources...

CVE-2023-5927

CVE-2023-5927 affects Campcodes Simple Student Information System 1.0. The vulnerability is a SQL injection in the unknown functionality of /admin/courses/manage_course.php, triggered by manipulating the id parameter. The exploit has been publicly disclosed and may be used. No fixed version is pr...

CVE-2022-2722

CVE-2022-2722 affects SourceCodester Simple Student Information System, specifically the manage_course.php file. The vulnerability arises from unsafely handling the id parameter, enabling SQL injection via remote access. Multiple connected sources corroborate a critical flaw in this component, wi...

CVE-2023-5926

CVE-2023-5926 affects Campcodes Simple Student Information System 1.0. The vulnerability is an SQL injection in the unknown function of /admin/students/update_status.php triggered by manipulating the student_id parameter. Public exploit information is indicated. No official patch/version is provi...

CVE-2022-2705

CVE-2022-2705 affects SourceCodester Simple Student Information System, with a SQL injection in admin/departments/manage_department.php via the id parameter (example input: -5756%27%20UNION%20ALL%20SELECT%20NULL,database(),user(),NULL,NULL,NULL,NULL--). Multiple sources confirm the vulnerability ...

CVE-2023-2425

CVE-2023-2425 affects SourceCodester Simple Student Information System 1.0. the vulnerability is a cross-site scripting in the Add New Course feature, specifically the /classes/Master.php?f=save_course endpoint. The input parameter name (and examples like ) can be manipulated to inject script, ex...