CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-43076
https://notcve.org/view.php?id=CVE-2022-43076
A cross-site scripting (XSS) vulnerability in /admin/edit-admin.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtemail parameter. Una vulnerabilidad de Cross-Site Scripting (XSS) en /admin/edit-admin.php del Web-Based Student Clearance System v1.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el parámetro txtemail. • https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-1.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-43078
https://notcve.org/view.php?id=CVE-2022-43078
A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter. Una vulnerabilidad de Cross-Site Scripting (XSS) en /admin/add-fee.php del Web-Based Student Clearance System v1.0 permite a los atacantes ejecutar scripts web arbitrarias o HTML a través de un payload manipulado inyectado en el parámetro cmddept. • https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-2.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3436 – SourceCodester Web-Based Student Clearance System Photo edit-photo.php unrestricted upload
https://notcve.org/view.php?id=CVE-2022-3436
A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210367. • http://packetstormsecurity.com/files/176007/Online-Student-Clearance-System-1.0-Shell-Upload.html https://vuldb.com/?id.210367 • CWE-266: Incorrect Privilege Assignment CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3434 – SourceCodester Web-Based Student Clearance System add-student.php prepare cross site scripting
https://notcve.org/view.php?id=CVE-2022-3434
A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been rated as problematic. Affected by this issue is the function prepare of the file /Admin/add-student.php. The manipulation leads to cross site scripting. The attack may be launched remotely. • https://vuldb.com/?id.210356 https://www.jianshu.com/p/489bca847079 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-707: Improper Neutralization •