CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25308
https://notcve.org/view.php?id=CVE-2024-25308
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php. Code-projects Simple School Managment System 1.0 permite la inyección SQL a través del parámetro 'name' en School/teacher_login.php. • https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-6.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25310
https://notcve.org/view.php?id=CVE-2024-25310
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5." Code-projects Simple School Managment System 1.0 permite la inyección SQL a través del parámetro 'id' en "School/delete.php?id=5". • https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25312
https://notcve.org/view.php?id=CVE-2024-25312
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5." Code-projects Simple School Managment System 1.0 permite la inyección SQL a través del parámetro 'id' en "School/sub_delete.php?id=5". • https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-5.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-25309
https://notcve.org/view.php?id=CVE-2024-25309
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php. Code-projects Simple School Managment System 1.0 permite la inyección SQL a través del parámetro 'pass' en School/teacher_login.php. • https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-7.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0722 – code-projects Social Networking Site Message Page message.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-0722
A vulnerability was found in code-projects Social Networking Site 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file message.php of the component Message Page. The manipulation of the argument Story leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://drive.google.com/file/d/1r-4P-gWuIxuVL2QdOXsqN6OTRtQEmo7P/view?usp=drive_link https://vuldb.com/?ctiid.251546 https://vuldb.com/?id.251546 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •