CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2367 – SourceCodester Faculty Evaluation System manage_academic.php sql injection
https://notcve.org/view.php?id=CVE-2023-2367
A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/manage_academic.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/f0llow/bug_report/blob/main/vendors/oretnom23/faculty-evaluation-system/SQLi-1.md https://vuldb.com/?ctiid.227643 https://vuldb.com/?id.227643 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2366 – SourceCodester Faculty Evaluation System sql injection
https://notcve.org/view.php?id=CVE-2023-2366
A vulnerability was found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajax.php?action=delete_class. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. • https://github.com/oV201/cve_report/blob/main/vendors/oretnom23/faculty-evaluation-system/SQLi-2.md https://vuldb.com/?ctiid.227642 https://vuldb.com/?id.227642 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2365 – SourceCodester Faculty Evaluation System sql injection
https://notcve.org/view.php?id=CVE-2023-2365
A vulnerability has been found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax.php?action=delete_subject. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. • https://github.com/oV201/cve_report/blob/main/vendors/oretnom23/faculty-evaluation-system/SQLi-1.md https://vuldb.com/?ctiid.227641 https://vuldb.com/?id.227641 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18757
https://notcve.org/view.php?id=CVE-2018-18757
Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18758. Open Faculty Evaluation System 5.6 para PHP 5.6 permite una inyección SQL en submit_feedback.php, esta vulnerabilidad es diferente de CVE-2018-18758. • https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/45703 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18758
https://notcve.org/view.php?id=CVE-2018-18758
Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757. Open Faculty Evaluation System 7 para PHP 7 permite una inyección SQL en submit_feedback.php, esta vulnerabilidad es diferente de CVE-2018-18757. • https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/45707 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •