CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5925 – Campcodes Simple Student Information System Master.php sql injection
https://notcve.org/view.php?id=CVE-2023-5925
A vulnerability, which was classified as critical, has been found in Campcodes Simple Student Information System 1.0. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument f leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244325 was assigned to this vulnerability. • https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%203.pdf https://vuldb.com/?ctiid.244325 https://vuldb.com/?id.244325 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5924 – Campcodes Simple Student Information System view_course.php sql injection
https://notcve.org/view.php?id=CVE-2023-5924
A vulnerability classified as critical was found in Campcodes Simple Student Information System 1.0. This vulnerability affects unknown code of the file /admin/courses/view_course.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244324. • https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%202.pdf https://vuldb.com/?ctiid.244324 https://vuldb.com/?id.244324 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5923 – Campcodes Simple Student Information System index.php sql injection
https://notcve.org/view.php?id=CVE-2023-5923
A vulnerability classified as critical has been found in Campcodes Simple Student Information System 1.0. This affects an unknown part of the file /admin/index.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-244323. • https://github.com/E1CHO/cve_hub/blob/main/Simple%20Student%20Information%20System/Simple%20Student%20Information%20System%20-%20vuln%201.pdf https://vuldb.com/?ctiid.244323 https://vuldb.com/?id.244323 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2425 – SourceCodester Simple Student Information System Add New Course cross site scripting
https://notcve.org/view.php?id=CVE-2023-2425
A vulnerability was found in SourceCodester Simple Student Information System 1.0. It has been classified as problematic. This affects an unknown part of the file /classes/Master.php?f=save_course of the component Add New Course. The manipulation of the argument name with the input <script>alert(document.cookie)</script> leads to cross site scripting. • https://github.com/sssddc11/bug_report/blob/master/XSS-1.md https://vuldb.com/?ctiid.227751 https://vuldb.com/?id.227751 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34550
https://notcve.org/view.php?id=CVE-2022-34550
Sims v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /addNotifyServlet. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notifyInfo parameter. Se ha detectado que Sims versión v1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio del componente /addNotifyServlet. Esta vulnerabilidad permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada inyectada en el parámetro notifyInfo • http://cwe.mitre.org/data/definitions/79.html https://github.com/rawchen/sims/issues/8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •