CVE-2023-47445
https://notcve.org/view.php?id=CVE-2023-47445
Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page. Pre-School Enrollment versión 1.0 es vulnerable a la inyección SQL a través del parámetro de nombre de usuario en la página preschool/admin/. • https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47445%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20SQL%20Injection.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-47446
https://notcve.org/view.php?id=CVE-2023-47446
Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname parameter. Pre-School Enrollment versión 1.0 es vulnerable a Cross Site Scripting (XSS) en la página profile.php a través del parámetro de nombre completo. • https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47446%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20Stored%20XSS%20Vulnerability.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •