VYPR

Student Web Portal

by Carmelo

CVEs (5)

  • CVE-2025-57515CriOct 6, 2025
    risk 0.64cvss 9.8epss 0.01

    A SQL injection vulnerability has been identified in Uniclare Student Portal v2. This flaw allows remote attackers to inject arbitrary SQL commands via vulnerable input fields, enabling the execution of time-delay functions to infer database responses.

  • CVE-2024-57401CriFeb 20, 2025
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in Uniclare Student portal v.2 and before allows a remote attacker to execute arbitrary code via the Forgot Password function.

  • CVE-2026-3744HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Student Web Portal 1.0. This impacts the function valreg_passwdation of the file signup.php. The manipulation of the argument reg_passwd leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed…

  • CVE-2026-3745MedMar 8, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in code-projects Student Web Portal 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument User results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.

  • CVE-2026-2158Feb 8, 2026
    risk 0.00cvss epss 0.00

    A vulnerability was detected in code-projects Student Web Portal 1.0. This impacts an unknown function of the file /check_user.php. Performing a manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely.