CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30404
https://notcve.org/view.php?id=CVE-2022-30404
College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=. College Management System versión v1.0, es vulnerable a una inyección SQL por medio de /College_Management_System/admin/display-teacher.php?teacher_id= • https://github.com/k0xx11/bug_report/blob/main/vendors/code-projects/College-Management-System/SQLi-1.md. • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 67%CPEs: 1EXPL: 3CVE-2022-28079 – College Management System 1.0 - 'course_code' SQL Injection (Authenticated)
https://notcve.org/view.php?id=CVE-2022-28079
College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter. Se ha detectado que College Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro course_code College Management System version 1.0 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/50933 http://packetstormsecurity.com/files/167131/College-Management-System-1.0-SQL-Injection.html https://code-projects.org/college-management-system-in-php-with-source-code https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated https://www.nu11secur1ty.com/2022/05/cve-2022-28079.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25408
https://notcve.org/view.php?id=CVE-2020-25408
A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote attacker to modify, delete, or make a new entry of the student, faculty, teacher, subject, scores, location, and article data. Se presenta una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en ProjectWorlds College Management System Php versión 1.0, que permite a un atacante remoto modificar, eliminar o realizar una nueva entrada de datos de estudiantes, profesores, asignaturas, puntuaciones, ubicación y artículos • https://github.com/olotieno/College-Management-System-Php https://nikhilkumar01.medium.com/cve-2020-25408-97eb7bcc23a6 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25409
https://notcve.org/view.php?id=CVE-2020-25409
Projectsworlds College Management System Php 1.0 is vulnerable to SQL injection issues over multiple parameters. Projectsworlds College Management System Php versión 1.0, es vulnerable a problemas de inyección SQL en parámetros múltiples • https://github.com/olotieno/College-Management-System-Php/tree/master/College-Management-System%20in%20Php_5.5/College-Management-System%20in%20Php_5.5 https://nikhilkumar01.medium.com/cve-2020-25409-5ecbe735c004 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-26051
https://notcve.org/view.php?id=CVE-2020-26051
College Management System Php 1.0 suffers from SQL injection vulnerabilities in the index.php page from POST parameters 'unametxt' and 'pwdtxt', which are not filtered before passing a SQL query. College Management System Php versión 1.0, sufre de vulnerabilidades de inyección SQL en la página index.php de los parámetros POST "unametxt" y "pwdtxt", que no son filtradas antes de pasar una consulta SQL • https://www.exploit-db.com/exploits/48593 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •