Physics School Assistant

CVEs (12)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2024-35349	Diño Physics School Assistant	—	0.01	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/view_category.php. Manipulating the argument id can result in SQL injection.
CVE-2024-35350	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/view_borrow. Manipulating the argument id can result in SQL injection.
CVE-2024-35351	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=update_settings. Manipulating the parameter name results in cross-site scripting.
CVE-2024-35359	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=view_item. Manipulating the argument id can result in SQL injection.
CVE-2024-35352	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting.
CVE-2024-35353	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the argument id can result in improper authorization.
CVE-2024-35354	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_category. Manipulating the argument id can result in SQL injection.
CVE-2024-35355	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=delete_category. Manipulating the argument id can result in SQL injection.
CVE-2024-35356	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_item. Manipulating the argument id can result in SQL injection.
CVE-2024-35357	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=delete_item. Manipulating the argument id can result in SQL injection.
CVE-2024-35345	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts unidentified code within the file /classes/Users.php. Manipulating the argument id results in cross-site scripting.
CVE-2024-35358	Diño Physics School Assistant	—	0.00	May 30, 2024	A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=view_category. Manipulating the argument id can result in SQL injection.

CVE-2024-35349May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.01
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/view_category.php. Manipulating the argument id can result in SQL injection.
CVE-2024-35350May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/view_borrow. Manipulating the argument id can result in SQL injection.
CVE-2024-35351May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=update_settings. Manipulating the parameter name results in cross-site scripting.
CVE-2024-35359May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=view_item. Manipulating the argument id can result in SQL injection.
CVE-2024-35352May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting.
CVE-2024-35353May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the argument id can result in improper authorization.
CVE-2024-35354May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_category. Manipulating the argument id can result in SQL injection.
CVE-2024-35355May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=delete_category. Manipulating the argument id can result in SQL injection.
CVE-2024-35356May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=save_item. Manipulating the argument id can result in SQL injection.
CVE-2024-35357May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=delete_item. Manipulating the argument id can result in SQL injection.
CVE-2024-35345May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts unidentified code within the file /classes/Users.php. Manipulating the argument id results in cross-site scripting.
CVE-2024-35358May 30, 2024
Diño
Physics School Assistant
risk 0.00cvss —epss 0.00
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=view_category. Manipulating the argument id can result in SQL injection.