4 results (0.007 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Grade Point Average GPA Calculator 1.0 and classified as problematic. Affected by this issue is the function get_scale of the file Master.php. The manipulation of the argument perc leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Grade%20Point%20Average%20(GPA)%20Calculator%20in%20PHP%20and%20SQLite3/Grade%20Point%20Average%20(GPA)%20Calculator%20in%20PHP%20and%20SQLite3%20vlun%201.pdf https://vuldb.com/?ctiid.224672 https://vuldb.com/?id.224672 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability has been found in SourceCodester Grade Point Average GPA Calculator 1.0 and classified as critical. Affected by this vulnerability is the function get_scale of the file Master.php. The manipulation of the argument perc leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Pe4cefulSnow/SQL-Injection/blob/main/README.md https://vuldb.com/?ctiid.224671 https://vuldb.com/?id.224671 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability, which was classified as problematic, was found in SourceCodester Grade Point Average GPA Calculator 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page with the input php://filter/read=convert.base64-encode/resource=grade_table leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Pe4cefulSnow/CVE-Advisory/blob/main/README.md https://vuldb.com/?ctiid.224670 https://vuldb.com/?id.224670 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as problematic has been found in SourceCodester Grade Point Average GPA Calculator 1.0. This affects an unknown part of the file index.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Grade%20Point%20Average%20(GPA)%20Calculator%20in%20PHP%20and%20SQLite3/Grade%20Point%20Average%20(GPA)%20Calculator%20in%20PHP%20and%20SQLite3%20vlun%202.pdf https://vuldb.com/?ctiid.224631 https://vuldb.com/?id.224631 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •