Student Web Portal
Monthly
SQL injection in Student Web Portal 1.0's profile.php allows authenticated attackers to execute arbitrary SQL queries through improper input validation on the User parameter, potentially leading to unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available.
SQL injection in Student Web Portal 1.0's signup.php password validation function allows unauthenticated remote attackers to manipulate database queries through the reg_passwd parameter. Public exploit code exists for this vulnerability, and no patch is currently available. Successful exploitation could enable unauthorized data access, modification, or deletion.
SQL injection in the Student Web Portal 1.0 /check_user.php endpoint allows unauthenticated remote attackers to manipulate the Username parameter and execute arbitrary database queries. The vulnerability enables attackers to read, modify, or delete sensitive data with public exploit code readily available. This affects PHP-based installations of the Student Web Portal with no patch currently available.
SQL injection in Student Web Portal 1.0's profile.php allows authenticated attackers to execute arbitrary SQL queries through improper input validation on the User parameter, potentially leading to unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available.
SQL injection in Student Web Portal 1.0's signup.php password validation function allows unauthenticated remote attackers to manipulate database queries through the reg_passwd parameter. Public exploit code exists for this vulnerability, and no patch is currently available. Successful exploitation could enable unauthorized data access, modification, or deletion.
SQL injection in the Student Web Portal 1.0 /check_user.php endpoint allows unauthenticated remote attackers to manipulate the Username parameter and execute arbitrary database queries. The vulnerability enables attackers to read, modify, or delete sensitive data with public exploit code readily available. This affects PHP-based installations of the Student Web Portal with no patch currently available.