Lucene search
K
VishalmathurCloudclassroom-php Project

8 matches found

CVE
CVE
added 2025/06/02 12:0 a.m.61 views

CVE-2025-45542

CVE-2025-45542 affects CloudClassroom-PHP-Project v1.0, specifically the registrationform endpoint where the pass parameter is not properly validated, enabling a time-based blind SQL injection. Multiple connected sources corroborate that an unauthenticated remote attacker can manipulate backend S...

7.3CVSS7.9AI score0.00995EPSS
Web
CVE
CVE
added 2025/02/26 12:0 a.m.59 views

CVE-2024-57423

CVE-2024-57423 describes a Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0, where the exid parameter of the assessment function can be exploited to execute arbitrary code by a remote attacker. The NVD entry assigns CVSS‑3.1 metrics: AV:N, AC:L, PR:N, UI:R, S:C, C:L/I:L/A:N, ...

6.1CVSS7AI score0.00452EPSS
CVE
CVE
added 2025/06/02 12:0 a.m.52 views

CVE-2024-57459

CVE-2024-57459 describes a time-based SQL injection in the CloudClassroom PHP Project 1.0, stemming from improper validation of the myds parameter in mydetailsstudent.php. This allows arbitrary SQL execution via the input, as detailed in multiple connected records. The vulnerability affects the m...

7.3CVSS7.5AI score0.00211EPSS
CVE
CVE
added 2025/06/09 12:0 a.m.50 views

CVE-2025-46178

The CVE-2025-46178 entry pertains to a Cross-Site Scripting (XSS) vulnerability in the CloudClassroom PHP Project, specifically in the askquery.php file via the eid parameter. The flaw allows remote attackers to inject arbitrary JavaScript in the context of a victim browser session, potentially l...

6.1CVSS6AI score0.00334EPSS
CVE
CVE
added 2025/06/18 12:0 a.m.26 views

CVE-2025-26198

CVE-2025-26198 — CloudClassroom-PHP-Project v1.0 suffers a critical SQL Injection in the admin login path (loginlinkadmin.php) where unsanitized input is used directly in SQL queries. This enables unauthenticated users to bypass authentication and gain full admin access, potentially exposing or m...

9.8CVSS9.8AI score0.00572EPSS
Web
CVE
CVE
added 2025/06/18 12:0 a.m.25 views

CVE-2025-26199

CloudClassroom-PHP-Project v1.0 is affected by insecure credential transmission: login credentials are sent over HTTP, enabling MitM exposure. A compromised session could allow an attacker to login and potentially trigger administrative actions (e.g., file uploads) leading to remote code executio...

9.8CVSS9.8AI score0.00492EPSS
Web
CVE
CVE
added 2025/07/25 12:0 a.m.25 views

CVE-2025-44608

CVE-2025-44608 affects CloudClassroom-PHP Project version 1.0, with a SQL injection vulnerability injectable via the viewid parameter. Root cause: unvalidated input in viewid leads to SQL injection. Practical impact stated in connected docs includes potential remote code execution (RCE) demonstra...

6.5CVSS8.5AI score0.00314EPSS
Web
CVE
CVE
added 2025/06/20 12:0 a.m.25 views

CVE-2025-46179

CloudClassroom-PHP Project v1.0 contains a SQL injection in askquery.php via the unsanitized squeryx parameter, which is passed directly into backend SQL queries. This vulnerability has a CVSSv3.1 base score of 9.8 (CRITICAL) with network attack vector, low attack complexity, no privileges, no us...

9.8CVSS7.8AI score0.00518EPSS