CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2367 – SourceCodester Faculty Evaluation System manage_academic.php sql injection
https://notcve.org/view.php?id=CVE-2023-2367
28 Apr 2023 — A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/manage_academic.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/f0llow/bug_report/blob/main/vendors/oretnom23/faculty-evaluation-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2366 – SourceCodester Faculty Evaluation System sql injection
https://notcve.org/view.php?id=CVE-2023-2366
28 Apr 2023 — A vulnerability was found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajax.php?action=delete_class. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. • https://github.com/oV201/cve_report/blob/main/vendors/oretnom23/faculty-evaluation-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2365 – SourceCodester Faculty Evaluation System sql injection
https://notcve.org/view.php?id=CVE-2023-2365
28 Apr 2023 — A vulnerability has been found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax.php?action=delete_subject. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. • https://github.com/oV201/cve_report/blob/main/vendors/oretnom23/faculty-evaluation-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •