Faculty Evaluation System
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-33440 | Hig | 0.51 | 7.2 | 0.15 | May 26, 2023 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user. | ||
| CVE-2023-33569 | Hig | 0.47 | 7.2 | 0.01 | Jun 6, 2023 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=update_user. | ||
| CVE-2023-33439 | Hig | 0.47 | 7.2 | 0.03 | May 26, 2023 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=. | ||
| CVE-2023-31845 | Hig | 0.47 | 7.2 | 0.01 | May 15, 2023 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_class.php?id=. | ||
| CVE-2023-31844 | Hig | 0.47 | 7.2 | 0.01 | May 15, 2023 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_subject.php?id=. | ||
| CVE-2023-31843 | Hig | 0.47 | 7.2 | 0.01 | May 15, 2023 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=. | ||
| CVE-2023-31842 | Hig | 0.47 | 7.2 | 0.01 | May 15, 2023 | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=edit_faculty&id=. | ||
| CVE-2023-2366 | Med | 0.41 | 6.3 | 0.01 | Apr 28, 2023 | A vulnerability was found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajax.php?action=delete_class. The manipulation of the argument id leads to sql injection. The attack may be… | ||
| CVE-2023-2365 | Med | 0.41 | 6.3 | 0.01 | Apr 28, 2023 | A vulnerability has been found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax.php?action=delete_subject. The manipulation of the argument id leads to sql injection. The… | ||
| CVE-2023-2962 | Med | 0.31 | 4.7 | 0.01 | May 29, 2023 | A vulnerability, which was classified as critical, has been found in SourceCodester Faculty Evaluation System 1.0. Affected by this issue is some unknown functionality of the file index.php?page=edit_user. The manipulation of the argument id leads to sql injection. The attack… | ||
| CVE-2023-2369 | Med | 0.31 | 4.7 | 0.01 | Apr 28, 2023 | A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/manage_restriction.php. The manipulation of the argument id leads to sql injection. The attack may be initiated… | ||
| CVE-2023-2368 | Med | 0.31 | 4.7 | 0.01 | Apr 28, 2023 | A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php?page=manage_questionnaire. The manipulation of the argument id leads to sql injection. The attack can be… | ||
| CVE-2023-2367 | Med | 0.31 | 4.7 | 0.01 | Apr 28, 2023 | A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/manage_academic.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack… |
- risk 0.51cvss 7.2epss 0.15
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user.
- risk 0.47cvss 7.2epss 0.01
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=update_user.
- risk 0.47cvss 7.2epss 0.03
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=.
- risk 0.47cvss 7.2epss 0.01
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_class.php?id=.
- risk 0.47cvss 7.2epss 0.01
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_subject.php?id=.
- risk 0.47cvss 7.2epss 0.01
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=.
- risk 0.47cvss 7.2epss 0.01
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=edit_faculty&id=.
- risk 0.41cvss 6.3epss 0.01
A vulnerability was found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajax.php?action=delete_class. The manipulation of the argument id leads to sql injection. The attack may be…
- risk 0.41cvss 6.3epss 0.01
A vulnerability has been found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax.php?action=delete_subject. The manipulation of the argument id leads to sql injection. The…
- risk 0.31cvss 4.7epss 0.01
A vulnerability, which was classified as critical, has been found in SourceCodester Faculty Evaluation System 1.0. Affected by this issue is some unknown functionality of the file index.php?page=edit_user. The manipulation of the argument id leads to sql injection. The attack…
- risk 0.31cvss 4.7epss 0.01
A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/manage_restriction.php. The manipulation of the argument id leads to sql injection. The attack may be initiated…
- risk 0.31cvss 4.7epss 0.01
A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php?page=manage_questionnaire. The manipulation of the argument id leads to sql injection. The attack can be…
- risk 0.31cvss 4.7epss 0.01
A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/manage_academic.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack…