CVE-2023-5925 – Campcodes Simple Student Information System Master.php sql injection
https://notcve.org/view.php?id=CVE-2023-5925
A vulnerability, which was classified as critical, has been found in Campcodes Simple Student Information System 1.0. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument f leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244325 was assigned to this vulnerability. • https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%203.pdf https://vuldb.com/?ctiid.244325 https://vuldb.com/?id.244325 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-5924 – Campcodes Simple Student Information System view_course.php sql injection
https://notcve.org/view.php?id=CVE-2023-5924
A vulnerability classified as critical was found in Campcodes Simple Student Information System 1.0. This vulnerability affects unknown code of the file /admin/courses/view_course.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244324. • https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%202.pdf https://vuldb.com/?ctiid.244324 https://vuldb.com/?id.244324 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-5923 – Campcodes Simple Student Information System index.php sql injection
https://notcve.org/view.php?id=CVE-2023-5923
A vulnerability classified as critical has been found in Campcodes Simple Student Information System 1.0. This affects an unknown part of the file /admin/index.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-244323. • https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%201.pdf https://vuldb.com/?ctiid.244323 https://vuldb.com/?id.244323 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-2425 – SourceCodester Simple Student Information System Add New Course cross site scripting
https://notcve.org/view.php?id=CVE-2023-2425
A vulnerability was found in SourceCodester Simple Student Information System 1.0. It has been classified as problematic. This affects an unknown part of the file /classes/Master.php?f=save_course of the component Add New Course. The manipulation of the argument name with the input <script>alert(document.cookie)</script> leads to cross site scripting. • https://github.com/sssddc11/bug_report/blob/master/XSS-1.md https://vuldb.com/?ctiid.227751 https://vuldb.com/?id.227751 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-2722 – SourceCodester Simple Student Information System manage_course.php sql injection
https://notcve.org/view.php?id=CVE-2022-2722
A vulnerability was found in SourceCodester Simple Student Information System and classified as critical. This issue affects some unknown processing of the file manage_course.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://bewhale.github.io/post/PHP%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1%E2%80%94Simple%20Student%20Information%20System%20manage_course.php%20SQL%20Injection https://vuldb.com/?id.205835 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •