CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25306
https://notcve.org/view.php?id=CVE-2024-25306
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php". Code-projects Simple School Managment System 1.0 permite la inyección SQL a través del parámetro 'aname' en "School/index.php". • https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25305
https://notcve.org/view.php?id=CVE-2024-25305
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php. Code-projects Simple School Managment System 1.0 permite omitir la autenticación a través de los parámetros de nombre de usuario y contraseña en School/index.php. • https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20Authentication%20Bypass.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25313
https://notcve.org/view.php?id=CVE-2024-25313
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/teacher_login.php. Code-projects Simple School Managment System 1.0 permite omitir la autenticación a través de los parámetros de nombre de usuario y contraseña en School/teacher_login.php. • https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20Authentication%20Bypass%20-%202.md • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25307
https://notcve.org/view.php?id=CVE-2024-25307
Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "/Cinema-Reservation/booking.php?id=1." Code-projects Cinema Seat Reservation System 1.0 permite la inyección SQL a través del parámetro 'id' en "/Cinema-Reservation/booking.php?id=1". • https://github.com/tubakvgc/CVEs/blob/main/Cinema%20Seat%20Reservation%20System/Cinema%20Seat%20Reservation%20System%20-%20SQL%20Injection.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25304
https://notcve.org/view.php?id=CVE-2024-25304
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php." Code-projects Simple School Managment System 1.0 permite la inyección SQL a través del parámetro 'apass' en "School/index.php". • https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •