VYPR

Faculty Evaluation System

by Sourcecodester

CVEs (13)

  • CVE-2023-33440HigMay 26, 2023
    risk 0.51cvss 7.2epss 0.15

    Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user.

  • CVE-2023-33569HigJun 6, 2023
    risk 0.47cvss 7.2epss 0.01

    Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=update_user.

  • CVE-2023-33439HigMay 26, 2023
    risk 0.47cvss 7.2epss 0.03

    Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=.

  • CVE-2023-31845HigMay 15, 2023
    risk 0.47cvss 7.2epss 0.01

    Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_class.php?id=.

  • CVE-2023-31844HigMay 15, 2023
    risk 0.47cvss 7.2epss 0.01

    Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_subject.php?id=.

  • CVE-2023-31843HigMay 15, 2023
    risk 0.47cvss 7.2epss 0.01

    Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=.

  • CVE-2023-31842HigMay 15, 2023
    risk 0.47cvss 7.2epss 0.01

    Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=edit_faculty&id=.

  • CVE-2023-2366MedApr 28, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajax.php?action=delete_class. The manipulation of the argument id leads to sql injection. The attack may be…

  • CVE-2023-2365MedApr 28, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax.php?action=delete_subject. The manipulation of the argument id leads to sql injection. The…

  • CVE-2023-2962MedMay 29, 2023
    risk 0.31cvss 4.7epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Faculty Evaluation System 1.0. Affected by this issue is some unknown functionality of the file index.php?page=edit_user. The manipulation of the argument id leads to sql injection. The attack…

  • CVE-2023-2369MedApr 28, 2023
    risk 0.31cvss 4.7epss 0.01

    A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/manage_restriction.php. The manipulation of the argument id leads to sql injection. The attack may be initiated…

  • CVE-2023-2368MedApr 28, 2023
    risk 0.31cvss 4.7epss 0.01

    A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php?page=manage_questionnaire. The manipulation of the argument id leads to sql injection. The attack can be…

  • CVE-2023-2367MedApr 28, 2023
    risk 0.31cvss 4.7epss 0.01

    A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/manage_academic.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack…