4 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in code-projects Student Record System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument regno leads to sql injection. The attack can be launched remotely. • https://code-projects.org https://github.com/ppp-src/a/issues/21 https://vuldb.com/?ctiid.278269 https://vuldb.com/?id.278269 https://vuldb.com/?submit.411912 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. It is possible to launch the attack remotely. • https://github.com/nothe1senberg/CVE-2024-9080 https://code-projects.org https://github.com/ppp-src/a/issues/17 https://vuldb.com/?ctiid.278250 https://vuldb.com/?id.278250 https://vuldb.com/?submit.411847 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

A vulnerability was found in code-projects Student Record System 1.0 and classified as critical. This issue affects some unknown processing of the file /marks.php. The manipulation of the argument coursename leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/maybeheisenberg/CVE-2024-9079 https://code-projects.org https://github.com/ppp-src/a/issues/16 https://vuldb.com/?ctiid.278249 https://vuldb.com/?id.278249 https://vuldb.com/?submit.411846 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability has been found in code-projects Student Record System 1.0 and classified as critical. This vulnerability affects unknown code of the file /course.php. The manipulation of the argument coursename leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://code-projects.org https://github.com/ppp-src/a/issues/15 https://vuldb.com/?ctiid.278248 https://vuldb.com/?id.278248 https://vuldb.com/?submit.411542 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •