Student Result Management System
Monthly
SourceCodester Student Result Management System 1.0 stores authentication credentials in cleartext within an HTTP-accessible file (/login_credentials.txt), allowing unauthenticated remote attackers to retrieve sensitive login information with low complexity. The vulnerability has publicly available exploit code and carries a CVSS 5.3 score reflecting confidentiality impact without integrity or availability compromise.
A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-Using-PHP-V2.0. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A remote code execution vulnerability in A vulnerability classified as critical (CVSS 5.3). Risk factors: public PoC available.
Critical SQL injection vulnerability in PHPGurukul Student Result Management System version 1.3, exploitable through the emp1ctc parameter in /editmyexp.php. An unauthenticated remote attacker can manipulate this parameter to inject malicious SQL commands, potentially leading to unauthorized data access, modification, or deletion. With a publicly disclosed exploit and CVSS 7.3 rating reflecting network-based remote exploitation with low attack complexity and no authentication requirements, this vulnerability poses significant risk to exposed instances.
A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in SourceCodester Student Result Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in SourceCodester Student Result Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
SourceCodester Student Result Management System 1.0 stores authentication credentials in cleartext within an HTTP-accessible file (/login_credentials.txt), allowing unauthenticated remote attackers to retrieve sensitive login information with low complexity. The vulnerability has publicly available exploit code and carries a CVSS 5.3 score reflecting confidentiality impact without integrity or availability compromise.
A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-Using-PHP-V2.0. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A remote code execution vulnerability in A vulnerability classified as critical (CVSS 5.3). Risk factors: public PoC available.
Critical SQL injection vulnerability in PHPGurukul Student Result Management System version 1.3, exploitable through the emp1ctc parameter in /editmyexp.php. An unauthenticated remote attacker can manipulate this parameter to inject malicious SQL commands, potentially leading to unauthorized data access, modification, or deletion. With a publicly disclosed exploit and CVSS 7.3 rating reflecting network-based remote exploitation with low attack complexity and no authentication requirements, this vulnerability poses significant risk to exposed instances.
A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in SourceCodester Student Result Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was found in SourceCodester Student Result Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.