VYPR

Computer Laboratory Management System

by Oretnom23

CVEs (35)

  • CVE-2026-3770MedMar 8, 2026
    risk 0.28cvss 4.3epss 0.00

    A flaw has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used.

  • CVE-2025-45956Apr 29, 2025
    risk 0.00cvss epss 0.00

    A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" parameter

  • CVE-2025-0342Jan 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of the argument s_lname leads to cross site scripting. It is possible to initiate…

  • CVE-2025-0341Jan 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability, which was classified as critical, has been found in CampCodes Computer Laboratory Management System 1.0. Affected by this issue is some unknown functionality of the file /class/edit/edit. The manipulation of the argument e_photo leads to unrestricted upload. The…

  • CVE-2024-54818Jan 8, 2025
    risk 0.00cvss epss 0.01

    SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list.

  • CVE-2024-8348Aug 30, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to…

  • CVE-2024-8347Aug 30, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.php?f=delete_record. The manipulation of the argument id leads to sql injection.…

  • CVE-2024-8346Aug 30, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Affected is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument name leads to sql…

  • CVE-2024-41332Aug 9, 2024
    risk 0.00cvss epss 0.01

    Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories.

  • CVE-2024-34480Aug 7, 2024
    risk 0.00cvss epss 0.01

    SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection.

  • CVE-2024-34479Aug 7, 2024
    risk 0.00cvss epss 0.01

    SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection.

  • CVE-2024-6802Jul 17, 2024
    risk 0.00cvss epss 0.10

    A vulnerability, which was classified as critical, was found in SourceCodester Computer Laboratory Management System 1.0. Affected is an unknown function of the file /lms/classes/Master.php?f=save_record. The manipulation of the argument id leads to sql injection. It is possible…

  • CVE-2024-31586Jun 20, 2024
    risk 0.00cvss epss 0.00

    A Cross Site Scripting (XSS) vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters.

  • CVE-2024-35583May 28, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field.

  • CVE-2024-35581May 28, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field.

  • CVE-2024-35582May 28, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field.

  • CVE-2024-34231May 13, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name parameter.

  • CVE-2024-34230May 13, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Information parameter.

  • CVE-2024-34225May 13, 2024
    risk 0.00cvss epss 0.01

    Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the name, shortname parameters.

  • CVE-2024-34224May 13, 2024
    risk 0.00cvss epss 0.01

    Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters.

Page 1 of 2