Student-Attendance-Management-System
by Rickxy
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-41524 | Hig | 0.57 | 8.8 | 0.00 | Aug 7, 2025 | Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the username parameter at index.php. | ||
| CVE-2023-41523 | Hig | 0.57 | 8.8 | 0.00 | Aug 7, 2025 | Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the emailAddress parameter at createClassTeacher.php. | ||
| CVE-2023-41522 | Hig | 0.57 | 8.8 | 0.00 | Aug 7, 2025 | Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters. | ||
| CVE-2023-41520 | Hig | 0.57 | 8.8 | 0.00 | Aug 7, 2025 | Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters. | ||
| CVE-2023-41519 | Med | 0.40 | 6.1 | 0.00 | Aug 7, 2025 | Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS) vulnerability via the sessionName parameter at createSessionTerm.php. | ||
| CVE-2022-4052 | Med | 0.31 | 4.7 | 0.01 | Nov 17, 2022 | A vulnerability was found in Student Attendance Management System and classified as critical. This issue affects some unknown processing of the file /Admin/createClass.php. The manipulation of the argument Id leads to sql injection. The attack may be initiated remotely. The… |
- risk 0.57cvss 8.8epss 0.00
Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the username parameter at index.php.
- risk 0.57cvss 8.8epss 0.00
Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the emailAddress parameter at createClassTeacher.php.
- risk 0.57cvss 8.8epss 0.00
Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters.
- risk 0.57cvss 8.8epss 0.00
Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters.
- risk 0.40cvss 6.1epss 0.00
Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS) vulnerability via the sessionName parameter at createSessionTerm.php.
- risk 0.31cvss 4.7epss 0.01
A vulnerability was found in Student Attendance Management System and classified as critical. This issue affects some unknown processing of the file /Admin/createClass.php. The manipulation of the argument Id leads to sql injection. The attack may be initiated remotely. The…