CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47445
https://notcve.org/view.php?id=CVE-2023-47445
Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page. Pre-School Enrollment versión 1.0 es vulnerable a la inyección SQL a través del parámetro de nombre de usuario en la página preschool/admin/. • https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47445%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20SQL%20Injection.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47446
https://notcve.org/view.php?id=CVE-2023-47446
Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname parameter. Pre-School Enrollment versión 1.0 es vulnerable a Cross Site Scripting (XSS) en la página profile.php a través del parámetro de nombre completo. • https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47446%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20Stored%20XSS%20Vulnerability.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-46024 – Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi
https://notcve.org/view.php?id=CVE-2023-46024
SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter. Vulnerabilidad de inyección SQL en index.php en phpgurukul Teacher Subject Allocation Management System 1.0 permite a atacantes ejecutar comandos SQL arbitrarios y obtener información confidencial a través del parámetro 'searchdata'. Teacher Subject Allocation Management System version 1.0 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/51914 https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46024-phpgurukul-Teacher-Subject-Allocation-Management-System-1.0-SQL-Injection-Vulnerability.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46025
https://notcve.org/view.php?id=CVE-2023-46025
SQL Injection vulnerability in teacher-info.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to obtain sensitive information via the 'editid' parameter. Vulnerabilidad de inyección SQL en teacher-info.php en phpgurukul Teacher Subject Allocation Management System 1.0 permite a atacantes obtener información confidencial a través del parámetro 'editid'. • https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46025-phpgurukul-Teacher-Subject-Allocation-Management-System-1.0-SQL-Injection-Vulnerability.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46026
https://notcve.org/view.php?id=CVE-2023-46026
Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters. Vulnerabilidad de Cross-Site Scripting (XSS) en profile.php en phpgurukul Teacher Subject Allocation Management System 1.0 permite a atacantes ejecutar código arbitrario a través de los parámetros 'adminname' y 'email'. • https://github.com/ersinerenler/phpgurukul-Teacher-Subject-Allocation-Management-System-1.0/blob/main/CVE-2023-46026-PHPGurukul-Teacher-Subject-Allocation-Management-System-1.0-Stored-Cross-Site-Scripting-Vulnerability.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •