College Management System
Monthly
SQL injection in itsourcecode College Management System 1.0 via the course_code parameter in /admin/courses.php allows authenticated administrators to execute arbitrary database queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high-level privileges but could enable data exfiltration or manipulation.
College Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
SQL injection in itsourcecode College Management System 1.0 allows authenticated remote attackers to manipulate the course_code parameter in /admin/class-result.php and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high-level privileges but can be executed over the network with minimal complexity.
SQL injection in itsourcecode College Management System 1.0 via the roll_no parameter in /admin/student-fee.php allows authenticated administrators to execute arbitrary database queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high-level privileges but poses a risk to confidentiality, integrity, and availability of student records.
SQL injection in itsourcecode College Management System 1.0 via the teacher_id parameter in /admin/teacher-salary.php enables unauthenticated remote attackers to execute arbitrary database queries and manipulate sensitive payroll data. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects confidentiality, integrity, and availability of the system.
SQL injection in itsourcecode College Management System 1.0's login functionality allows remote attackers to manipulate the email parameter and execute arbitrary SQL queries without authentication. Public exploit code exists for this vulnerability, enabling immediate attack capability against unpatched systems. The flaw permits data disclosure, modification, and potential service disruption with a CVSS score of 7.3.
SQL injection in itsourcecode College Management System 1.0's teacher management interface allows authenticated attackers to manipulate the teacher_id parameter in /admin/display-teacher.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, enabling remote exploitation by users with administrative access. The vulnerability remains unpatched and carries medium severity with potential for data confidentiality, integrity, and availability compromise.
College Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in Codezips College Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SQL injection in itsourcecode College Management System 1.0 via the course_code parameter in /admin/courses.php allows authenticated administrators to execute arbitrary database queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high-level privileges but could enable data exfiltration or manipulation.
College Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
SQL injection in itsourcecode College Management System 1.0 allows authenticated remote attackers to manipulate the course_code parameter in /admin/class-result.php and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high-level privileges but can be executed over the network with minimal complexity.
SQL injection in itsourcecode College Management System 1.0 via the roll_no parameter in /admin/student-fee.php allows authenticated administrators to execute arbitrary database queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high-level privileges but poses a risk to confidentiality, integrity, and availability of student records.
SQL injection in itsourcecode College Management System 1.0 via the teacher_id parameter in /admin/teacher-salary.php enables unauthenticated remote attackers to execute arbitrary database queries and manipulate sensitive payroll data. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects confidentiality, integrity, and availability of the system.
SQL injection in itsourcecode College Management System 1.0's login functionality allows remote attackers to manipulate the email parameter and execute arbitrary SQL queries without authentication. Public exploit code exists for this vulnerability, enabling immediate attack capability against unpatched systems. The flaw permits data disclosure, modification, and potential service disruption with a CVSS score of 7.3.
SQL injection in itsourcecode College Management System 1.0's teacher management interface allows authenticated attackers to manipulate the teacher_id parameter in /admin/display-teacher.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, enabling remote exploitation by users with administrative access. The vulnerability remains unpatched and carries medium severity with potential for data confidentiality, integrity, and availability compromise.
College Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in Codezips College Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.