cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-6801,https://securityvulnerability.io/vulnerability/CVE-2024-6801,Unrestricted File Upload Vulnerability Discovered in SourceCodester Online Student Management System,"A vulnerability has been identified in the SourceCodester Online Student Management System version 1.0, specifically related to the file handling in /add-students.php. This issue pertains to the unrestricted upload of files, where manipulation of the 'image' argument can result in unauthorized file uploads. Attackers can exploit this flaw remotely, potentially compromising the security of the system. The public disclosure of this exploit has raised concerns about the potential for misuse. Organizations utilizing this software should assess their exposure and consider implementing remediation strategies to mitigate the risk associated with this vulnerability.",SourceCodester,Online Student Management System,9.8,CRITICAL,0.003449999960139394,false,,false,false,false,,,false,false,,2024-07-17T02:15:00.000Z,0
CVE-2023-6945,https://securityvulnerability.io/vulnerability/CVE-2023-6945,SourceCodester Online Student Management System edit-student-detail.php cross site scripting,A vulnerability has been found in SourceCodester Online Student Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file edit-student-detail.php. The manipulation of the argument notmsg leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248377 was assigned to this vulnerability.,Sourcecodester,Online Student Management System,2.4,LOW,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-12-19T11:15:00.000Z,0
CVE-2023-1397,https://securityvulnerability.io/vulnerability/CVE-2023-1397,SourceCodester Online Student Management System profile.php cross site scripting,A vulnerability classified as problematic has been found in SourceCodester Online Student Management System 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222984.,SourceCodester,Online Student Management System,6.1,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2023-03-14T15:15:00.000Z,0
CVE-2023-1099,https://securityvulnerability.io/vulnerability/CVE-2023-1099,SourceCodester Online Student Management System edit-class-detail.php sql injection,A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-222002 is the identifier assigned to this vulnerability.,Sourcecodester,Online Student Management System,6.3,MEDIUM,0.0017300000181421638,false,,false,false,false,,,false,false,,2023-02-28T21:15:00.000Z,0