Medium
CVSS: 6.9
A flaw has been found in code-projects Student Information System 1.0. This issue affects some unknown processing of the file /searchresults.php. Executing manipulation of the argument searchbox can lead to sql injection. The attack may be…
Medium
CVSS: 5.1
A vulnerability was detected in code-projects Student Information System 1.0. This vulnerability affects unknown code of the file /profile.php. Performing manipulation of the argument firstname/lastname results in cross site scripting. The…
Medium
CVSS: 5.3
A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /schedule_edit1.php. Such manipulation of the argument schedule_id leads to sql injection.…
Medium
CVSS: 5.3
A vulnerability was determined in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /enrollment_edit1.php. Executing manipulation of the argument en_id can lead to sql injection. The attack…
Medium
CVSS: 5.1
A vulnerability was identified in code-projects Student Information System 2.0. The impacted element is an unknown function of the file /editprofile.php. Such manipulation leads to cross site scripting. It is possible to launch the attack r…
Medium
CVSS: 5.3
A vulnerability was determined in code-projects Student Information System 2.0. The affected element is an unknown function of the file /register.php. This manipulation causes cross site scripting. It is possible to initiate the attack remo…
Medium
CVSS: 5.3
A vulnerability was found in code-projects Student Information System 2.0. Impacted is an unknown function of the file /editprofile.php. The manipulation results in sql injection. The attack may be performed from remote. The exploit has bee…
Medium
CVSS: 6.9
A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. The manipulation leads to sql injection. The attack is possible to be carried out remotely…
Medium
CVSS: 6.9
A flaw has been found in code-projects Student Information System 2.0. This vulnerability affects unknown code of the file /index.php. Executing manipulation of the argument Username can lead to sql injection. The attack can be executed rem…
Medium
CVSS: 6.9
A vulnerability was detected in code-projects Student Information System 2.0. This affects an unknown part of the file /searchquery.php. Performing manipulation of the argument s results in sql injection. Remote exploitation of the attack i…
Medium
CVSS: 5.3
A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument level_id leads to sql injection. The attack may be per…
Medium
CVSS: 6.9
A security vulnerability has been detected in itsourcecode Student Information System 1.0. This affects an unknown function of the file /course_edit1.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch…
Medium
CVSS: 6.4
An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System (SIS) EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter.
Medium
CVSS: 5.4
A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Use…
Critical
CVSS: 9.1
Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administrator account.