CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1771 – SourceCodester Grade Point Average GPA Calculator Master.php get_scale cross site scripting
https://notcve.org/view.php?id=CVE-2023-1771
A vulnerability was found in SourceCodester Grade Point Average GPA Calculator 1.0 and classified as problematic. Affected by this issue is the function get_scale of the file Master.php. The manipulation of the argument perc leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Grade%20Point%20Average%20(GPA)%20Calculator%20in%20PHP%20and%20SQLite3/Grade%20Point%20Average%20(GPA)%20Calculator%20in%20PHP%20and%20SQLite3%20vlun%201.pdf https://vuldb.com/?ctiid.224672 https://vuldb.com/?id.224672 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1770 – SourceCodester Grade Point Average GPA Calculator Master.php get_scale sql injection
https://notcve.org/view.php?id=CVE-2023-1770
A vulnerability has been found in SourceCodester Grade Point Average GPA Calculator 1.0 and classified as critical. Affected by this vulnerability is the function get_scale of the file Master.php. The manipulation of the argument perc leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Pe4cefulSnow/SQL-Injection/blob/main/README.md https://vuldb.com/?ctiid.224671 https://vuldb.com/?id.224671 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1769 – SourceCodester Grade Point Average GPA Calculator index.php information disclosure
https://notcve.org/view.php?id=CVE-2023-1769
A vulnerability, which was classified as problematic, was found in SourceCodester Grade Point Average GPA Calculator 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page with the input php://filter/read=convert.base64-encode/resource=grade_table leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Pe4cefulSnow/CVE-Advisory/blob/main/README.md https://vuldb.com/?ctiid.224670 https://vuldb.com/?id.224670 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1743 – SourceCodester Grade Point Average GPA Calculator index.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-1743
A vulnerability classified as problematic has been found in SourceCodester Grade Point Average GPA Calculator 1.0. This affects an unknown part of the file index.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/E1CHO/cve_hub/blob/main/Grade%20Point%20Average%20(GPA)%20Calculator%20in%20PHP%20and%20SQLite3/Grade%20Point%20Average%20(GPA)%20Calculator%20in%20PHP%20and%20SQLite3%20vlun%202.pdf https://vuldb.com/?ctiid.224631 https://vuldb.com/?id.224631 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •