2 matches found
CVE-2022-2876
The CVE-2022-2876 entry concerns SourceCodester Student Management System, where an SQL injection is possible via manipulating the id parameter in index.php. The vulnerability is exploitable remotely and was disclosed publicly; affected is an unknown function in index.php. Connected sources corro...
CVE-2023-41616
CVE-2023-41616 affects Student Management System (SMS) v1.2.3 and earlier, with a reflected XSS in the Search Student function that allows arbitrary Javascript execution in a victim’s browser via a crafted payload. Documents confirm the affected component and vulnerability type; PT-2023-28001 pro...