CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3733 – SourceCodester Web-Based Student Clearance System edit-admin.php sql injection
https://notcve.org/view.php?id=CVE-2022-3733
A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. This affects an unknown part of the file Admin/edit-admin.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. • https://blog.csdn.net/qq_41988749/article/details/127552717?spm=1001.2014.3001.5502 https://vuldb.com/?id.212415 • CWE-707: Improper Neutralization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3436 – SourceCodester Web-Based Student Clearance System Photo edit-photo.php unrestricted upload
https://notcve.org/view.php?id=CVE-2022-3436
A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210367. • http://packetstormsecurity.com/files/176007/Online-Student-Clearance-System-1.0-Shell-Upload.html https://vuldb.com/?id.210367 • CWE-266: Incorrect Privilege Assignment CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3434 – SourceCodester Web-Based Student Clearance System add-student.php prepare cross site scripting
https://notcve.org/view.php?id=CVE-2022-3434
A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been rated as problematic. Affected by this issue is the function prepare of the file /Admin/add-student.php. The manipulation leads to cross site scripting. The attack may be launched remotely. • https://vuldb.com/?id.210356 https://www.jianshu.com/p/489bca847079 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-707: Improper Neutralization •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3414 – SourceCodester Web-Based Student Clearance System POST Parameter login.php sql injection
https://notcve.org/view.php?id=CVE-2022-3414
A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. Affected is an unknown function of the file /Admin/login.php of the component POST Parameter Handler. The manipulation of the argument txtusername leads to sql injection. It is possible to launch the attack remotely. • https://vuldb.com/?id.210246 https://www.jianshu.com/p/8f7b7b532c02 • CWE-707: Improper Neutralization •