2 matches found
CVE-2025-50866
CVE-2025-50866 concerns CloudClassroom-PHP-Project 1.0, which contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the /postquerypublic endpoint. The vulnerability arises from improper sanitization of user-supplied input, allowing an attacker to inject JavaScrip...
CVE-2025-50867
CVE-2025-50867 affects CloudClassroom-PHP-Project version 1.0. The vulnerability lies in takeassessment2.php where the Q5 POST parameter is directly embedded in SQL statements without sanitization, enabling SQL Injection. The connected exploit entry provides a remote, time-based blind SQLi exampl...