Lucene search
+L
Student Attendance Management System ProjectStudent Attendance Management System

10 matches found

CVE
CVE
added 2022/03/29 12:41 a.m.59 views

CVE-2021-45865

CVE-2021-45865 concerns the SourceCodester Student Attendance Management System v1.0 and centers on the file upload feature. Multiple connected sources describe a vulnerability caused by the application’s lack of validation for uploaded files, which can be exploited to upload malicious files and ...

9.8CVSS9.4AI score0.01363EPSS
CVE
CVE
added 2022/11/17 12:0 a.m.55 views

CVE-2022-4052

CVE-2022-4052 affects the Student Attendance Management System. The vulnerability is a SQL injection in the Id parameter of the file /Admin/createClass.php caused by unsanitized input, allowing remote exploitation. Several connected sources corroborate the problem and classify it as critical with...

7.2CVSS6.1AI score0.00522EPSS
Web
CVE
CVE
added 2022/03/29 12:39 a.m.53 views

CVE-2021-45866

CVE-2021-45866 affects Sourcecodester Student Attendance Management System 1.0. The vulnerability is a Stored Cross-Site Scripting (XSS) in the couse field of index.php, arising from insufficient input validation/output handling. Reported across multiple feeds (NVD/CNVD/CNNVD) with CVSS-3.1 base ...

5.4CVSS5.2AI score0.00542EPSS
CVE
CVE
added 2022/11/17 12:0 a.m.44 views

CVE-2022-4053

CVE-2022-4053 affects the Student Attendance Management System. The vulnerability is in the createClass.php file, where manipulating the className argument can trigger a cross-site scripting (XSS) flaw. The issue is exploitable remotely, and the exploit has been disclosed publicly (VDB-213846). C...

4.8CVSS4.2AI score0.00427EPSS
CVE
CVE
added 2025/08/07 12:0 a.m.26 views

CVE-2023-41520

CVE-2023-41520 affects Student Attendance Management System v1. The vulnerability lies in createClassArms.php, where SQL injection can be introduced via the parameters classId and classArmName. Affected component is the server-side PHP script responsible for managing class arms. The CVE metrics i...

8.8CVSS7.9AI score0.00302EPSS
CVE
CVE
added 2025/08/07 12:0 a.m.23 views

CVE-2023-41519

The CVE-2023-41519 affects Student Attendance Management System v1. The vulnerability is a cross-site scripting (XSS) flaw in the createSessionTerm.php script, exploitable via the sessionName parameter. This can allow injection of malicious scripts when a user submits a crafted sessionName, poten...

6.1CVSS5.9AI score0.00202EPSS
CVE
CVE
added 2025/08/07 12:0 a.m.23 views

CVE-2023-41524

The CVE-2023-41524 entry concerns the Student Attendance Management System v1, which contains a SQL injection vulnerability in the username parameter of index.php. The root cause is improper handling of user-supplied input leading to unauthorized SQL execution. Impact is described as high severit...

8.8CVSS7.9AI score0.00302EPSS
CVE
CVE
added 2025/08/07 12:0 a.m.22 views

CVE-2023-41521

CVE-2023-41521 affects Student Attendance Management System v1, which contains multiple SQL injection flaws in createSessionTerm.php reachable via the id, termId, and sessionName parameters. The reported impact is severe (CVSS v3.1 base score 8.8, high confidentiality, integrity, and availability...

8.8CVSS7.9AI score0.00302EPSS
CVE
CVE
added 2025/08/07 12:0 a.m.21 views

CVE-2023-41523

The CVE-2023-41523 entry maps to the Student Attendance Management System v1, which contains a SQL injection in the createClassTeacher.php endpoint that reads the emailAddress parameter. The vulnerability is described as an injection flaw that can affect the application’s database queries; CVSSv3...

8.8CVSS7.9AI score0.00302EPSS
CVE
CVE
added 2025/08/07 12:0 a.m.19 views

CVE-2023-41522

Student Attendance Management System v1 contains multiple SQL injection vulnerabilities in createStudents.php, exploitable via Id, firstname, and admissionNumber parameters due to improper input handling. CVSS v3.1 metrics indicate HIGH impact on confidentiality, integrity, and availability, with...

8.8CVSS8AI score0.00302EPSS