Page 24 of 298 results (0.001 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page. Pre-School Enrollment versión 1.0 es vulnerable a la inyección SQL a través del parámetro de nombre de usuario en la página preschool/admin/. • https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47445%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20SQL%20Injection.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname parameter. Pre-School Enrollment versión 1.0 es vulnerable a Cross Site Scripting (XSS) en la página profile.php a través del parámetro de nombre completo. • https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47446%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20Stored%20XSS%20Vulnerability.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter. Vulnerabilidad de inyección SQL en index.php en phpgurukul Teacher Subject Allocation Management System 1.0 permite a atacantes ejecutar comandos SQL arbitrarios y obtener información confidencial a través del parámetro 'searchdata'. Teacher Subject Allocation Management System version 1.0 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/51914 https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46024-phpgurukul-Teacher-Subject-Allocation-Management-System-1.0-SQL-Injection-Vulnerability.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1

SQL Injection vulnerability in teacher-info.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to obtain sensitive information via the 'editid' parameter. Vulnerabilidad de inyección SQL en teacher-info.php en phpgurukul Teacher Subject Allocation Management System 1.0 permite a atacantes obtener información confidencial a través del parámetro 'editid'. • https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46025-phpgurukul-Teacher-Subject-Allocation-Management-System-1.0-SQL-Injection-Vulnerability.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1

Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters. Vulnerabilidad de Cross-Site Scripting (XSS) en profile.php en phpgurukul Teacher Subject Allocation Management System 1.0 permite a atacantes ejecutar código arbitrario a través de los parámetros 'adminname' y 'email'. • https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46026-PHPGurukul-Teacher-Subject-Allocation-Management-System-1.0-Stored-Cross-Site-Scripting-Vulnerability.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •