CVE-2024-5390 – itsourcecode Online Student Enrollment System listofstudent.php sql injection
https://notcve.org/view.php?id=CVE-2024-5390
A vulnerability, which was classified as critical, was found in itsourcecode Online Student Enrollment System 1.0. Affected is an unknown function of the file listofstudent.php. The manipulation of the argument lname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Lanxiy7th/lx_CVE_report-/issues/3 https://vuldb.com/?ctiid.266304 https://vuldb.com/?id.266304 https://vuldb.com/?submit.344603 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-5381 – itsourcecode Student Information Management System view.php sql injection
https://notcve.org/view.php?id=CVE-2024-5381
A vulnerability classified as critical was found in itsourcecode Student Information Management System 1.0. Affected by this vulnerability is an unknown functionality of the file view.php. The manipulation of the argument studentId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Lanxiy7th/lx_CVE_report-/issues/2 https://vuldb.com/?ctiid.266293 https://vuldb.com/?id.266293 https://vuldb.com/?submit.344447 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-3768 – PHPGurukul/itsourcecode News Portal search.php sql injection
https://notcve.org/view.php?id=CVE-2024-3768
A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file search.php. The manipulation of the argument searchtitle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BurakSevben/CVEs/blob/main/News%20Portal/News%20Portal%20-%20SQL%20Injection%20-%204.md https://vuldb.com/?ctiid.260615 https://vuldb.com/?id.260615 https://vuldb.com/?submit.316291 https://github.com/L1OudFd8cl09/CVE/blob/main/25_07_2024_b.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •